CompTIA PenTest+ (PT0-003) — Question 99

During an assessment, a penetration tester runs the following command:

dnscmd.exe /config /serverlevelplugindll C:\users\netadm\Documents\addusr.dll

Which of the following is the penetration tester trying to achieve?

Answer options

• A. DNS enumeration
• B. Privilege escalation
• C. Command injection
• D. A list of available users

Correct answer: B

Explanation

The command is attempting to load a DLL file that may allow the tester to gain elevated permissions, indicating a goal of privilege escalation. The other options like DNS enumeration, command injection, and obtaining a list of users do not accurately reflect the intent of modifying the server configuration with a plugin DLL.