What term describes attackers exploiting pre-installed tools on Windows to install and run malicious code?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

What term describes attackers exploiting pre-installed tools on Windows to install and run malicious code?

Explanation:
Leveraging built-in Windows tools to install and run malicious code centers on native applications—the software that already ships with the operating system. Attackers reuse these pre-installed utilities to execute payloads, download additional components, or run commands, which helps them blend in with normal activity and often avoids triggering alarms set for unfamiliar software. Because the focus is on using what is already present on the system rather than introducing new tools, the broad term that fits best is native applications. While PowerShell abuse is a real example of this tactic, it describes a specific tool being misused rather than the general idea of exploiting pre-installed tools. Fileless malware relates to staying in memory or using living-off-the-land techniques, which can involve native tools but is not the exact term for the concept described. Legitimate applications don’t imply misuse, so they don’t capture the malicious exploitation described.

