PsExec is a Windows Sysinternals tool that allows users to execute commands on a remote system without needing an interactive login session. The command above is executing cmd.exe on a remote Windows Active Directory domain machine (server01.cor.ptia.org).
Option A (Test connectivity using PsExec) ❌: The command does not check connectivity; it executes a command remotely.
Option B (Perform a lateral movement attack) ✅: Correct. Lateral movement occurs when an attacker moves from one compromised machine to another within a network, using valid credentials. PsExec is often used for this purpose.
Option C (Send the PsExec binary) ❌: The command runs cmd.exe remotely, but it does not transfer PsExec itself.
Option D (Enable cmd.exe) ❌: cmd.exe is already enabled by default on most Windows systems.
???? Reference: CompTIA PenTest+ PT0-003 Official Guide – Lateral Movement with PsExec
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit