🔥 3-day streak
CompTIA PenTest+ (PT0-003)167 / 175
Question 167 of 175

During an internal engagement, you have compromised a workstation and recovered valid domain administrator credentials. You want to execute a payload on a remote server (10.10.5.20) to move laterally, but the client's SOC is actively monitoring for new service creation events (Event ID 7045) generated by tools like PsExec. Which technique allows you to execute commands remotely while avoiding the creation of a new Windows service on the target?

Reviewed for accuracy · Report an issueNext question