PT0-002 · Question #266
PT0-002 Question #266: Real Exam Question with Answer & Explanation
The correct answer is D: Living-off-the-land. Living-off-the-land (LOTL) is a post-exploitation technique where attackers use legitimate tools, scripts, and features already present on a compromised system to achieve their objectives without introducing new malware.
Question
A penetration tester issues the following command after obtaining a shell: Which of the following describes this technique?
Options
- AEstablishing a backdoor
- BPrivilege escalation
- CPowerShell remoting
- DLiving-off-the-land
Explanation
Living-off-the-land (LOTL) is a post-exploitation technique where attackers use legitimate tools, scripts, and features already present on a compromised system to achieve their objectives without introducing new malware.
Common mistakes.
- A. Establishing a backdoor involves creating persistent, covert access to a system, which might use LOTL techniques but is the goal or outcome, not the technique of using existing commands.
- B. Privilege escalation is the act of gaining higher access rights on a system, which can be achieved using LOTL techniques, but LOTL describes the method of using native tools, not the specific outcome of privilege escalation.
- C. PowerShell remoting is a legitimate administrative feature for executing commands on remote computers via PowerShell, but it is a specific technology and not a general description of using existing tools for malicious purposes.
Concept tested. Post-exploitation techniques - Living-off-the-land
Reference. https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/living-off-the-land
Topics
Community Discussion
No community discussion yet for this question.