PT0-003
Post-Exploitation and Lateral Movement
hard
Question 6 of 14

After compromising a Linux web server, a penetration tester wants to establish persistence without creating a new user account. Which technique would achieve this while remaining less visible to basic user account audits?

AAdding the tester's SSH public key to the root user's authorized_keys file
BCreating a new local admin account
CModifying /etc/passwd to add a new root-level user
DEnabling telnet on the server

More Post-Exploitation and Lateral Movement Questions

14 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which term describes the technique of maintaining access to a compromised system across reboots or c...

easy

A penetration tester has compromised a Windows workstation in a domain environment and wants to move...

medium

A penetration tester has compromised a host within a target network and wants to access an internal ...

medium

A penetration tester has gained access to a Windows domain environment and uses BloodHound to analyz...

hard

During the post-exploitation phase, a penetration tester documents all commands executed, files acce...

medium
View all Post-Exploitation and Lateral Movement questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account