An assessor uses PowerSploit to deliver malicious scripts by obfuscating commands. Which measure best identifies the unauthorized use of those scripts?
Enable script block logging for detailed PowerShell activity
Rename critical executables to hinder potential attacks
Track processor usage to find unusual load patterns
Grant an external service privileged access for scanning
Enabling script block logging captures PowerShell commands, including hidden operations that evade standard logs. Monitoring CPU usage attempts to spot suspicious spikes but does not scrutinize script content. Renaming executables avoids detection rather than addresses it. Granting privileges to an external service does not specifically track malicious scripts.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is PowerSploit used for?
Open an interactive chat with Bash
How does script block logging in PowerShell work?
Open an interactive chat with Bash
Why is obfuscation a challenge for script detection?