During an assessment, a specialist develops a script to collect details from multiple Windows machines. Security tools are in use with standard settings. Which method can help reduce the chance of detection while gathering system data?
Linking the script to a scheduled task and using hidden system paths.
Executing instructions directly from memory without using disk storage.
Utilizing administrative privileges to bypass security mechanisms.
Converting the script into a compiled binary for distribution and execution.
Executing instructions from memory does not leave a file on the disk, so many conventional scanning tools cannot identify it easily. Converting the script into a compiled binary introduces an artifact on disk that scanners can examine. Linking to a scheduled task, even under hidden paths, often generates logs that can be investigated. Elevated privileges do not prevent detection because suspicious processes may still be flagged by monitoring systems.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does 'executing instructions directly from memory' mean?
Open an interactive chat with Bash
Why does converting a script into a binary increase the chance of detection?
Open an interactive chat with Bash
How do scheduled tasks and logs affect security visibility?