Which command would NOT effectively hide an executable using an alternate data stream?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the CertMaster PenTest+ exam with flashcards and multiple-choice questions. Each question includes hints and explanations. Get ready for your exam with our engaging and effective study tools!

Multiple Choice

Which command would NOT effectively hide an executable using an alternate data stream?

Explanation:
The command that does not effectively hide an executable using an alternate data stream is the one that simply copies the executable file to a new location without creating an alternate data stream. When you use the copy command in this manner, it results in a standard file copy. This means that the original executable retains its attributes and visibility, while the copied file does not utilize the alternate data stream feature. Alternate data streams (ADS) are a feature of NTFS file systems that allow you to associate additional metadata with a file, hence making it possible to hide files like executables. Options that involve the use of ">" or naming conventions that specifically identify an alternate data stream (as is the case with the other commands) do indeed create and utilize such streams, effectively hiding the executables from normal file listings. Thus, the copy command does not utilize the ADS capability, hence it does not achieve the aim of hiding the executable effectively.

The command that does not effectively hide an executable using an alternate data stream is the one that simply copies the executable file to a new location without creating an alternate data stream. When you use the copy command in this manner, it results in a standard file copy. This means that the original executable retains its attributes and visibility, while the copied file does not utilize the alternate data stream feature.

Alternate data streams (ADS) are a feature of NTFS file systems that allow you to associate additional metadata with a file, hence making it possible to hide files like executables. Options that involve the use of ">" or naming conventions that specifically identify an alternate data stream (as is the case with the other commands) do indeed create and utilize such streams, effectively hiding the executables from normal file listings.

Thus, the copy command does not utilize the ADS capability, hence it does not achieve the aim of hiding the executable effectively.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy