Which technique is commonly used to move laterally by executing commands on remote systems?

Multiple Choice

Which technique is commonly used to move laterally by executing commands on remote systems?

Explanation:
Moving laterally by executing commands on remote systems relies on using established trust and remote-management capabilities to run code on adjacent hosts. Once inside one machine, an attacker can take advantage of remote services and management protocols that are already trusted within the network—such as PowerShell Remoting, Windows Remote Management, SMB, WMI, or SSH—to issue commands on other machines. This approach spreads access efficiently because it leverages legitimate tools and credentials that are valid across multiple systems, enabling control over multiple hosts with relatively little additional friction and detection risk.

Other options describe different phases or techniques that don’t capture this lateral-movement method as precisely. For example, using a stolen credential hash primarily facilitates authentication to remote resources rather than the act of remote command execution itself; phishing is about gaining initial access through social engineering; SQL injection targets databases rather than enabling direct execution of commands on remote workstations.
