During a penetration test, a tester identifies traditional antivirus running on the exploited server. Which of the following techniques would BEST ensure persistence in a post-exploitation phase?
B. Testers who are able to inject their programs into the configuration of existing
daemons or who are able to establish their own daemons for backdoors, C2s, or other
techniques of attack can establish long-term persistence, regardless of the logged-in
users. (Guessing that this is a linux server) For windows - Daemons can be used for persistence and privilege escalation in Linux, but be sure
to look at the Windows equivalent: scheduled tasks.
CompTIA Pentest + passport book
Would go with C.
New User Creation is listed as persitance mechanism according to Comptia.
A. just a shell binary does nothing
D.) also a backdoored exe does not help is it is not run ...
b.) Modifying a demon may get noticed by the antivirus.
but c: won't be detected by a classic AV
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
versun
Highly Voted 3 years, 11 months agosmalltech
Highly Voted 3 years, 11 months agoeroms
3 years, 11 months agodumdada
3 years, 7 months agomiabe
Most Recent 2 years, 10 months agoJetlife
3 years, 1 month agoMrRiver
3 years, 8 months agocarlo479
3 years, 10 months ago