Which approach best demonstrates how a Windows command tool can run commands with local privileges on a target system, using a process that is installed and removed after execution?
Configure an SSH-based connection on the target to allow remote inbound commands
Install a Trojan on the host that runs commands when a browser visits the malicious page
Rely on domain-level scripts applied each time the host restarts
Use the Sysinternals remote process facility, which sets up a helper on the system and removes it once done
The method referencing the Sysinternals remote process facility matches how the tool typically sets up a helper on the remote machine to run commands and removes it afterward. The other approaches, such as placing a Trojan, establishing an inbound SSH listener, or using domain scripts, do not align with the same mechanism.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Sysinternals, and what does its remote process facility do?
Open an interactive chat with Bash
How does PsExec differ from other remote command execution tools like SSH or PowerShell Remoting?
Open an interactive chat with Bash
Why isn't installing a Trojan or configuring SSH considered comparable to the Sysinternals method?