CompTIA PenTest+ (PT0-003) — Question 119

During a penetration test, a tester attempts to pivot from one Windows 10 system to another Windows system. The penetration tester thinks a local firewall is blocking connections. Which of the following command-line utilities built into Windows is most likely to disable the firewall?

Answer options

• A. certutil.exe
• B. bitsadmin.exe
• C. msconfig.exe
• D. netsh.exe

Correct answer: D

Explanation

The correct answer is D, netsh.exe, as it is specifically designed to manage network configurations, including firewall settings. The other options, such as certutil.exe, bitsadmin.exe, and msconfig.exe, do not provide functionality to disable the firewall and are used for different purposes.