windows command line

Question 1

what is the default interpreter for windows command line?

Answer 1

cmd.exe

Question 2

set

Answer 2

checks your path from the command line. The terminal output shows the path where MS Windows will execute commands, as indicated by the line starting with Path=.

Question 3

ver

Answer 3

determine the operating system (OS) version.

Question 4

systeminfo

Answer 4

ist various information about the system such as OS information, system details, processor and memory.

Question 5

more

Answer 5

?? how do you go backwards

allows you to go page by page

Question 6

pipe

Answer 6

combines commands?

Question 7

driverquery

Question 8

ctrl + c

Answer 8

exit

Question 9

help - Provides help information for a specific command

Question 10

cls - Clears the Command prompt screen

Question 11

ipconfig

Answer 11

check network information

Question 12

ipconfig /all

Answer 12

how do es it differ from ipconfig without the /all

Question 13

ping target_name

Answer 13

checking if the server can access a particular server on the Internet. ICMP packet and listen for a response. If a response is received, we know that we can reach the target and that the target can reach us.

what does it mean if you get request timed out on thm machien?

Question 14

tracert target_name

Answer 14

traces the network route traversed to reach the target. it expects the routers on the path to notify us if they drop a packet because its time-to-live (TTL) has reached zero.

Question 15

ns lookup

Answer 15

nslookup. It looks up a host or domain and returns its IP address. The syntax nslookup example.com will look up example.com using the default name server; however, nslookup example.com 1.1.1.1 will use the name server one.one.one.one. The terminal below shows the output of both commands.

Question 16

netstat

Answer 16

displays current network connections and listening ports. A basic netstat command with no arguments will show you established connections

Question 17

If you are curious about the other options, you can run netstat -h, where -h displays the help page. We opted for the following options:

-a displays all established connections and listening ports
-b shows the program associated with each listening port and established connection
-o reveals the process ID (PID) associated with the connection
-n uses a numerical form for addresses and port numbers

Question 18

cd

Answer 18

display current drive & directory

Question 19

dir

Answer 19

view child directories in current drive & directory

Question 20

syntax for logging in using ssh

Answer 20

ssh username@ip address

yes

password

Answer 21

dir /a - Displays hidden and system files as well.

Answer 22

dir /s - Displays files in the current directory and all subdirectories.

Question 23

tree

Answer 23

You can type tree to visually represent the child directories and subdirectories.

Question 24

cd target_directory; this is equivalent to double-clicking the target_directory on your desktop. F

Question 25

urthermore, you can use cd ..

Answer 25

go up one level

Question 26

how to make a directory (folder)

Answer 26

mkdir directory_name; mkdir stands for make directory.

Question 27

how to remove directory

Answer 27

To delete a directory, use rmdir

Question 28

view a text file

Answer 28

You can easily view text files with the command type. This command will dump the contents of the text file on the screen; this is convenient for files that fit within your terminal window.

Question 29

more

Answer 29

more for longer text files. This command will display enough text file contents to fill your terminal window. In other words, for long text files, more will display a single page and wait for you to press Spacebar to move by one page (flip the page) or Enter to move by WHATS THE SYNTAX OF HOW TO GO BACKWARDS AND DOES IT PAGINATE

Question 30

copy

Answer 30

copy test.txt test2.txt

Question 31

movemcommand

Answer 31

need syntax

Question 32

delete a file

Answer 32

Finally, we can delete a file using del or erase.

Question 33

wildcard character

Answer 33

* to refer to multiple files. For example, copy *.md C:\Markdown will copy all files with the extension md to the directory C:\Markdown.

Question 34

list running processes

Answer 34

We can list the running processes using tasklist.

Question 35

check all task list filters

Answer 35

tasklist /?

Question 36

unpack this command

Answer 36

and tasklist /FI "imagename eq sshd.exe". Note that /FI is used to set the filter image name equals sshd.exe.

Question 37

kill any task by PID

Answer 37

taskkill /PID target_pid

Question 38

chkdsk: checks the file system and disk volumes for errors and bad sectors. driverquery: displays a list of installed device drivers. sfc /scannow: scans system files for corruption and repairs them if possible.

Question 39

/? can be used with most commands to display a help page.

Question 40

used the command more in two ways: Display text files: more file.txt Pipe long output to view it page by page: some_command | more

Question 41

shutdown /s can shut down a system. What is the command you can use to restart a sys

Question 42

shutdown /r

Answer 42

restart

Question 43

what is windows powershell

Answer 43

tool from Microsoft designed for task automation and configuration management. It combines a command-line interface and a scripting language built on the .NET framework. Unlike older text-based command-line tools, PowerShell is object-oriented, which means it can handle complex data types and interact with system components more effectively.

Question 44

explain objects in powershell

Answer 44

objects are fundamental units that encapsulate data and functionality, making it easier to manage and manipulate information. An object in PowerShell can contain file names, usernames or sizes as data (properties), and carry functions (methods) such as copying a file or stopping a process.

Question 45

cmdlet

Answer 45

powershell commands ollow a consistent Verb-Noun naming convention. This structure makes it easy to understand what each cmdlet does. The Verb describes the action, and the Noun specifies the object on which action is performed. For example:

Question 46

Get-Command. It’s an essential tool for discovering what commands one can use.

Answer 46

each CommandInfo object retrieved by the cmdlet,

Question 47

-CommandType "Function"

Question 48

Get-Help: it provides detailed information about cmdlets, including usage, parameters, and examples. It’s the go-to cmdlet for learning how to use PowerShell commands.

Question 49

-examples

Answer 49

we can retrieve other useful information about a cmdlet by appending some options to the basic syntax. For example, by appending -examples to the command displayed above, we will be shown a list of common ways in which the chosen cmdlet can be used.

Question 50

aliases —which are shortcuts or alternative names for cmdlets— for many traditional Windows commands. Indispensable for users already familiar with other command-line tools, Get-Alias lists all aliases available. For example, dir is an alias for Get-ChildItem, and cd is an alias for Set-Location.

Question 51

possibility of extending its functionality by downloading additional cmdlets from online repositories.

Question 52

To search for modules (collections of cmdlets) in online repositories like the PowerShell Gallery, we can use Find-Module. Sometimes, if we don’t know the exact name of the module, it can be useful to search for modules with a similar name. We can achieve this by filtering the Name property and appending a wildcard (*) to the module’s partial name, using the following standard PowerShell syntax: Cmdlet -Property "pattern*".

Question 53

modules can be downloaded and installed from the repository with Install-Module, making new cmdlets contained in the module available for use.

Question 54

Get-Content: Retrieves (gets) the content of a file and displays it in the console. Set-Location: Changes (sets) the current working directory.

Question 55

To list all available cmdlets, functions, aliases, and scripts that can be executed in the current PowerShell session, we can use Get-Command

Question 56

It’s possible to filter the list of commands based on displayed property values. For example, if we want to display only the available commands of type “function”, we can use -CommandType "Function"

Question 57

Get-Help: it provides detailed information about cmdlets, including usage, parameters, and examples. It’s the go-to cmdlet for learning how to use PowerShell command

Question 58

Get-Help informs us that we can retrieve other useful information about a cmdlet by appending some options to the basic syntax. For example, by appending -examples

Question 59

Get-Help Get-Date -examples

Question 60

dir is an alias for Get-ChildItem, and cd is an alias for Set-Location.

Question 61

navigate to a different directory, we can use the Set-Location cmdlet. It changes the current directory, bringing us to the specified path, akin to the cd command in Command Prompt.

Question 62

ls in Unix-like systems), Get-ChildItem lists the files and directories in a location specified with the -Path parameter. It can be used to explore directories and view their contents. If no Path is specified, the cmdlet will display the content of the current working directory.

Question 63

New-Item. We will need to specify the path of the item and its type (whether it is a file or a directory). New-Item -Path ".\captain-cabin\captain-wardrobe" -ItemType "Directory"

Question 64

Remove-Item cmdlet removes both directories and files, whereas in Windows CLI we have separate commands rmdir and del.

Answer 64

PS C:\Users\captain\Documents> Remove-Item -Path ".\captain-cabin\captain-wardrobe\captain-boots.txt"

Question 65

We can copy or move files and directories alike, using respectively Copy-Item (equivalent to copy) and Move-Item (equivalent to move).

Question 66

piping

Answer 66

Piping is a technique used in command-line environments that allows the output of one command to be used as the input for another. This creates a sequence of operations where the data flows from one command to the next. PowerShell, piping is even more powerful because it passes objects rather than just text. goes from left to right

Question 67

Where-Object

Answer 67

filter objects based on specified conditions, returning only those that meet the criteria, we can use the

Question 68

equal (-eq) to

Question 69

-ne: "not equal". This operator can be used to exclude objects from the results based on specified criteria. -gt: "greater than". This operator will filter only objects which exceed a specified value. It is important to note that this is a strict comparison, meaning that objects that are equal to the specified value will be excluded from the results. -ge: "greater than or equal to". This is the non-strict version of the previous operator. A combination of -gt and -eq. -lt: "less than". Like its counterpart, "greater than", this is a strict operator. It will include only objects which are strictly below a certain value. -le: "less than or equal to". Just like its counterpart -ge, this is the non-strict version of the previous operator. A combination of -lt and -eq. Below, another example shows that objects can also be filtered by selecting properties that match (-like) a specified pattern:

Question 70

Select-Object, is used to select specific properties from objects or limit the number of objects returned. It’s useful for refining the output to show only the details one needs.

Question 71

Select-String. This cmdlet searches for text patterns within files, similar to grep in Unix-based systems or findstr in Windows Command Prompt.

Question 72

Get-ComputerInfo

Answer 72

retrieves comprehensive system information, including operating system information, hardware specifications, BIOS details, and more. It provides a snapshot of the entire system configuration in a single command.

Question 73

Get-LocalUser

Answer 73

lists all the local user accounts on the system. The default output displays, for each user, username, account status, and description.

Question 74

Get-NetIPConfiguration

Answer 74

provides detailed information about the network interfaces on the system, including IP addresses, DNS servers, and gateway configurations.

Question 75

Get-NetIPAddress

Answer 75

show details for all IP addresses configured on the system, including those that are not currently active.

Question 76

Get-Process

Answer 76

provides a detailed view of all currently running processes, including CPU and memory usage, making it a powerful tool for monitoring and troubleshooting.

Question 77

Get-Service

Answer 77

allows the retrieval of information about the status of services on the machine, such as which services are running, stopped, or paused. It is used extensively in troubleshooting by system administrators, but also by forensics analysts hunting for anomalous services installed on the system.

Question 78

Get-FileHash

Answer 78

generating file hashes, which is particularly valuable in incident response, threat hunting, and malware analysis, as it helps verify file integrity and detect potential tampering.

Question 78

Get-NetTCPConnection

Answer 78

displays current TCP connections, giving insights into both local and remote endpoints. This cmdlet is particularly handy during an incident response or malware analysis task, as it can uncover hidden backdoors or established connections towards an attacker-controlled server.

Question 79

scripting

Answer 79

writing and executing a series of commands contained in a text file, known as a script, to automate tasks that one would generally perform manually in a shell, like PowerShell. is like giving a computer a to-do list, where each line in the script is a task that the computer will carry out automatically.