CFR-310 Exam Questions

CFR-310 Exam - Question 62


A Windows system administrator has received notification from a security analyst regarding new malware that executes under the process name of “armageddon.exe” along with a request to audit all department workstations for its presence. In the absence of GUI-based tools, what command could the administrator execute to complete this task?

Correct Answer:

Discussion

1 comment
044f354
Option: C
Sep 29, 2024

C. wmic process list brief | find "armageddon.exe"

Explanation: The wmic (Windows Management Instrumentation Command-line) tool allows administrators to query various system components, including running processes. Using wmic process list brief will list all active processes on the system, and find "armageddon.exe" filters the output to search for the specific process name, helping the administrator identify if "armageddon.exe" is running on any workstation.

Why the other answers are less suitable:

A. ps -ef | grep armageddon: ps is a Linux/Unix command.

B. top | grep armageddon: top is a Linux/Unix command.

D. wmic startup list full | find "armageddon.exe": This command lists startup programs, not actively running processes. It wouldn’t help find if the malware process is currently executing.