A PenTester wants to initiate persistence on a system. What are some options that the PenTester can use to do this? (Select all that apply.)A.BackdoorB.Reverse shellsC.Log in to the systemD.Run as a service
Question
A PenTester wants to initiate persistence on a system. What are some options that the PenTester can use to do this? (Select all that apply.)A.BackdoorB.Reverse shellsC.Log in to the systemD.Run as a service
Solution
The options that a PenTester can use to initiate persistence on a system are:
A. Backdoor: This is a method where the attacker installs software to allow them to access the system at a later date, even if the vulnerability that was originally exploited is patched.
B. Reverse shells: This is a type of shell in which the target machine communicates back to the attacking machine. The attacking machine has a listener port on which it receives the connection, which by using a reverse shell, can be initiated by the outbound connection from the target machine.
D. Run as a service: Services are background processes that are usually initiated at system startup. If the attacker can install a service, it can be configured to run every time the system starts, providing persistent access.
Option C, "Log in to the system", is not a method of initiating persistence. It's a method of accessing a system, but it doesn't provide the ongoing access that's characteristic of persistence.
Similar Questions
A PenTester needs to have continuous persistent access to a Linux system. What method can the PenTester use to accomplish this?A.CronB.DaemonC.ServiceD.Registry
40.0% completeQuestionA PenTester needs to write a script to exploit a system and wants to keep it simple by using a general-purpose interpreted programming language that any new PenTesters joining the team in the future can easily understand. What options are available to the PenTester? (Select all that apply.)A.PerlB.PowerShellC.PythonD.Ruby
A PenTester is using a tool that allows the PenTester to pivot from one host to another exfiltrating files from each target to the PenTester's own host. What tool is the PenTester most likely using?A.RegistryB.NetcatC.RATD.Cron job
Scenario: You are a penetration tester who has been hired by a company to perform a security assessment of their network. During the assessment, you successfully gain access to one of the company's servers. However, the company's policy prohibits you from adding persistence to your connection or installing any backdoors on their servers. What should you do in this situation?Select one:a.Attempt to add persistence to your connection without the company's knowledgeb.Ignore the company's policy and proceed with adding persistence to your connectionc.Disconnect from the server and report your findings to the company's security teamd.Inform the company's security team of your access to the server and request permission to add persistence to your connection
Scenario: You are a penetration tester who has been hired by a company to perform a security assessment of their network. During the assessment, you successfully gain access to one of the company's servers. However, the company's policy prohibits you from adding persistence to your connection or installing any backdoors on their servers. What should you do in this situation?Select one:a.Inform the company's security team of your access to the server and request permission to add persistence to your connectionb.Ignore the company's policy and proceed with adding persistence to your connectionc.Disconnect from the server and report your findings to the company's security teamd.Attempt to add persistence to your connection without the company's knowledge
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.