CompTIA PT0-003 Exam - Topic 3 Question 33 Discussion

Actual exam question for CompTIA's PT0-003 exam

Question #: 33
Topic #: 3

[All PT0-003 Questions]

[Tools and Code Analysis]

During an assessment, a penetration tester gains access to one of the internal hosts. Given the following command:

schtasks /create /sc onlogon /tn "Windows Update" /tr "cmd.exe /c reverse_shell.exe"

Which of the following is the penetration tester trying to do with this code?

AEnumerate the scheduled tasks

BEstablish persistence

CDeactivate the Windows Update functionality

DCreate a binary application for Windows System Updates

Show Suggested Answer

Suggested Answer: B

The command creates a scheduled task that executes a reverse shell payload at logon, ensuring persistence.

Option A (Enumerate tasks) : This command creates a task, not lists tasks (schtasks /query is used for enumeration).

Option B (Establish persistence) : Correct.

The attacker ensures a reverse shell opens every time a user logs in.

Option C (Deactivate Windows Update) : The task is named 'Windows Update' but does not disable updates.

Option D (Create a Windows Update binary) : This executes a reverse shell, not a system update.

Reference: CompTIA PenTest+ PT0-003 Official Guide -- Windows Persistence Techniques

by Elenor at Mar 07, 2026, 02:09 AM

Limited Time Offer

25%

Off

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!