CompTIA Security+ (SY0-601) — Question 448

A user downloaded an extension for a browser and the user’s device later became infected. The analyst who is investigating the incident saw various logs where the attacker was hiding activity by deleting data. The following was observed running:

New-Partition -DiskNumber 2 -UseMaximumSize -AssignDriveLetter C| Format-Volume -DriveLetter C - FileSystemLabel "New"-FileSystem NTFS - Full -Force -Confirm:$false |

Which of the following is the malware using to execute the attack?

Answer options

• A. PowerShell
• B. Python
• C. Bash
• D. Macros

Correct answer: A

Explanation

The command is written in PowerShell, which is a task automation and configuration management framework. Python, Bash, and Macros do not utilize the same syntax or command structure as seen in the provided PowerShell command, making them incorrect choices.