Which Windows PowerShell cmdlet lists all running processes on the local system?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which Windows PowerShell cmdlet lists all running processes on the local system?

Explanation:
To see what’s currently running, you use a command designed to enumerate processes. Get-Process returns process objects for processes running on the local computer by default, showing details like Id, ProcessName, CPU, and memory usage. It’s the direct way to list all active processes, and you can refine the output with further formatting or filtering, for example: Get-Process | Select-Object Id, ProcessName, CPU, WorkingSet. The other commands serve different purposes: Get-Service lists Windows services and their status, not the active processes. Get-Item accesses a single item (such as a file, registry entry, or other item depending on the provider). Get-EventLog reads entries from Windows event logs, not the running processes.

To see what’s currently running, you use a command designed to enumerate processes. Get-Process returns process objects for processes running on the local computer by default, showing details like Id, ProcessName, CPU, and memory usage. It’s the direct way to list all active processes, and you can refine the output with further formatting or filtering, for example: Get-Process | Select-Object Id, ProcessName, CPU, WorkingSet.

The other commands serve different purposes: Get-Service lists Windows services and their status, not the active processes. Get-Item accesses a single item (such as a file, registry entry, or other item depending on the provider). Get-EventLog reads entries from Windows event logs, not the running processes.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy