Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

  1. Home
  2. Discussions
  3. CompTIA
  4. CompTIA CySA+
  5. CS0-003 Discussions
  6. CS0-003 Exam Topic 4 Question 31 Discussion

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 31 Topic 4 Discussion

 CompTIA Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

CompTIA CyberSecurity Analyst CySA+ Certification Exam CS0-003 Question # 31 Topic 4 Discussion

CS0-003 Exam Topic 4 Question 31 Discussion:
Question #: 31
Topic #: 4

An analyst is investigating a phishing incident and has retrieved the following as part of the investigation:

cmd.exe /c c:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -NoLogo -NoProfile -EncodedCommand < VERY LONG STRING >

Which of the following should the analyst use to gather more information about the purpose of this command?
A.

Echo the command payload content into ' base64 -d ' .

B.

Execute the command from a Windows VM.

C.

Use a command console with administrator privileges to execute the code.

D.

Run the command as an unprivileged user from the analyst workstation.

Get Premium CS0-003 Questions
Actual exam question for CompTIA CS0-003 exam by Talon2749 at May 24, 2026, 4:25:32 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next