nerdexam
GIAC

GPEN · Question #242

GPEN Question #242: Real Exam Question with Answer & Explanation

The correct answer is C. PSExec. PSExec is a legitimate Sysinternals remote execution utility that is widely abused by attackers to run executables, including malware, on remote systems without installing a client.

Question

You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

Options

  • ARemoxec
  • BHk.exe
  • CPSExec
  • DGetAdmin.exe

Explanation

PSExec is a legitimate Sysinternals remote execution utility that is widely abused by attackers to run executables, including malware, on remote systems without installing a client.

Common mistakes.

  • A. Remoxec is not a recognized standard remote execution tool in common security toolkits or certification curricula.
  • B. Hk.exe is a local privilege escalation exploit tool targeting Windows, not a remote code execution utility.
  • D. GetAdmin.exe is a legacy Windows local privilege escalation tool that elevates local rights, not a remote execution or lateral movement tool.

Concept tested. Remote code execution using PSExec for lateral movement

Reference. https://learn.microsoft.com/en-us/sysinternals/downloads/psexec

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice