Multiple Choice
A penetration tester has gained access to a marketing employee's device. The penetration tester wants to ensure that if the access is discovered, control of the device can be regained. Which of the following actions should the penetration tester use to maintain persistence to the device? (Select TWO.)
A) Place an entry in HKLM\Software\Microsoft\CurrentVersion\Run to call au57d.ps1.
B) Place an entry in C:\windows\system32\drivers\etc\hosts for 12.17.20.10 badcomptia.com.
C) Place a script in C:\users\%username\local\appdata\roaming\temp\au57d.ps1.
D) Create a fake service in Windows called RTAudio to execute manually.
E) Place an entry for RTAudio in HKLM\CurrentControlSet\Services\RTAudio.
F) Create a schedule task to call C:\windows\system32\drivers\etc\hosts.
Correct Answer:
Verified
Correct Answer:
Verified
Q55: When performing compliance-based assessments, which of the
Q56: An attacker performed a MITM attack against
Q57: A security analyst has uncovered a suspicious
Q58: A penetration tester has performed a pivot
Q59: In which of the following components is
Q61: A penetration tester executes the following commands:
Q62: A penetration tester is performing initial intelligence
Q63: A penetration tester is performing initial intelligence
Q64: A client has requested an external network
Q65: A penetration tester is performing a code