A penetration tester has gained access to a marketing employee's device. The penetration tester wants to ensure that if the access is discovered, control of the device can be regained. Which of the following actions should the penetration tester use to maintain persistence to the device? (Select TWO.)
A) Place an entry in HKLM\Software\Microsoft\CurrentVersion\Run to call au57d.ps1.
B) Place an entry in C:\windows\system32\drivers\etc\hosts for 12.17.20.10 badcomptia.com.
C) Place a script in C:\users\%username\local\appdata\roaming\temp\au57d.ps1.
D) Create a fake service in Windows called RTAudio to execute manually.
E) Place an entry for RTAudio in HKLM\CurrentControlSet\Services\RTAudio.
F) Create a schedule task to call C:\windows\system32\drivers\etc\hosts.
Correct Answer:
Verified
Q100: A penetration tester wants to check manually
Q101: A client needs to be PCI compliant
Q102: While performing privilege escalation on a Windows
Q103: A client's systems administrator requests a copy
Q104: A consultant is attempting to harvest credentials
Q106: A penetration tester is performing a black-box
Q107: A penetration tester is performing a remote
Q108: Which of the following can be used
Q109: At the information gathering stage, a penetration
Q110: Which of the following is the reason
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents