Which statement best describes Metasploit payloads that reside in memory and disappear on reboot?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which statement best describes Metasploit payloads that reside in memory and disappear on reboot?

Explanation:
Memory-resident, non-persistent payloads are loaded into the target’s RAM and do not write artifacts to disk. Because nothing is stored on disk and memory is cleared on reboot, the payload vanishes after the system restarts. It may execute in memory as a separate process or be injected into another process, but its defining trait is that it does not persist across reboots. Options that imply writing to disk or creating a persistent loader would leave traces or survive reboot, which is not the behavior described.

Memory-resident, non-persistent payloads are loaded into the target’s RAM and do not write artifacts to disk. Because nothing is stored on disk and memory is cleared on reboot, the payload vanishes after the system restarts. It may execute in memory as a separate process or be injected into another process, but its defining trait is that it does not persist across reboots. Options that imply writing to disk or creating a persistent loader would leave traces or survive reboot, which is not the behavior described.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy