🔥 3-day streak
CompTIA PenTest+ (PT0-003)154 / 175
Question 154 of 175

During post-exploitation on a compromised Windows workstation, a penetration tester has obtained a standard domain user's context. Before attempting privilege escalation, the tester wants to enumerate what other systems and file shares this user can already reach with existing credentials — without dropping additional tools or triggering AV. Which built-in command approach BEST accomplishes this initial lateral-movement reconnaissance?

Reviewed for accuracy · Report an issueNext question