PT0-003 Question #108: Real Exam Question with Answer & Explanation

The correct answer is C: Creating a scheduled task. To maintain access after a reboot, the best technique is to create a scheduled task that automatically runs a payload or backdoor when the system restarts. - Scheduled tasks persist after reboots, ensuring continued access. - Can be configured to run at system startup, user login

Submitted by jordan8· Mar 6, 2026Post-exploitation and Lateral Movement

Question

As part of an engagement, a penetration tester wants to maintain access to a compromised system after rebooting. Which of the following techniques would be best for the tester to use?

Options

AEstablishing a reverse shell
BExecuting a process injection attack
CCreating a scheduled task
DPerforming a credential-dumping attack

Explanation

To maintain access after a reboot, the best technique is to create a scheduled task that automatically runs a payload or backdoor when the system restarts. - Scheduled tasks persist after reboots, ensuring continued access. - Can be configured to run at system startup, user login, or at specific time intervals. - Common technique used in malware persistence and post-exploitation frameworks. Example (Windows Scheduled Task for Persistence): schtasks /create /tn "Backdoor" /tr "C:\backdoor.exe" /sc onstart /ru This creates a scheduled task that runs backdoor.exe every time the system boots.

Topics

#persistence#post-exploitation#scheduled tasks

Community Discussion

No community discussion yet for this question.

Full PT0-003 Practice Browse All PT0-003 Questions