Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA PT0-003 Exam - Topic 4 Question 12 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 12
Topic #: 4
[All PT0-003 Questions]

Which of the following post-exploitation activities allows a penetration tester to maintain persistent access in a compromised system?

Show Suggested Answer Hide Answer
Suggested Answer: A

Maintaining persistent access in a compromised system is a crucial goal for a penetration tester after achieving initial access. Here's an explanation of each option and why creating registry keys is the preferred method:

Creating registry keys (Answer: A):

Advantages: This method is stealthy and can be effective in maintaining access over long periods, especially on Windows systems.

Example: Adding a new entry to the HKLMSoftwareMicrosoftWindowsCurrentVersionRun registry key to execute a malicious script upon system boot.

Drawbacks: This method is less stealthy and can be easily detected by network monitoring tools. It also requires an open port, which might be closed or filtered by firewalls.

Executing a process injection (Option C):

Drawbacks: While effective for evading detection, it doesn't inherently provide persistence. The injected code will typically be lost when the process terminates or the system reboots.

Setting up a reverse SSH connection (Option D):

Drawbacks: This method can be useful for maintaining a session but is less reliable for long-term persistence. It can be disrupted by network changes or monitoring tools.

Conclusion: Creating registry keys is the most effective method for maintaining persistent access in a compromised system, particularly in Windows environments, due to its stealthiness and reliability.


Installing a bind shell (Option B):

by Ling at Sep 19, 2024, 03:25 AM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Bette
4 months ago
Totally agree with the bind shell option!
upvoted 0 times
...
Lindsay
5 months ago
Process injection is risky but can be effective for stealth.
upvoted 0 times
...
Albert
5 months ago
Wait, can you really maintain access just by creating registry keys?
upvoted 0 times
...
Louann
5 months ago
I think setting up a reverse SSH connection is more reliable.
upvoted 0 times
...
Kaycee
5 months ago
Installing a bind shell is a classic method for persistence.
upvoted 0 times
...
Ariel
6 months ago
Reverse SSH connections seem like a solid choice for maintaining access, but I wonder if they are as reliable as bind shells.
upvoted 0 times
...
Annalee
6 months ago
Process injection sounds familiar, but I can't recall if it really provides persistent access like the others.
upvoted 0 times
...
Phyliss
6 months ago
I remember practicing with bind shells in lab sessions; they definitely allow for persistent access, so I might lean towards that.
upvoted 0 times
...
Alpha
6 months ago
I think creating registry keys might help with persistence, but I'm not entirely sure if it's the best option here.
upvoted 0 times
...
Afton
6 months ago
Process injection could be an interesting approach, but I'm not sure if that's the best option for persistent access.
upvoted 0 times
...
Stevie
6 months ago
Setting up a reverse SSH connection is the way to go here. That's the most stealthy and reliable option.
upvoted 0 times
...
Dorcas
6 months ago
Hmm, not sure about this one. I'll have to think it through carefully and eliminate the wrong answers.
upvoted 0 times
...
Mari
6 months ago
This looks like a classic post-exploitation question. I'm pretty confident I can handle this one.
upvoted 0 times
...
Ben
6 months ago
Installing a bind shell seems like the way to go for maintaining persistent access. That's my best guess.
upvoted 0 times
...
Barb
6 months ago
Hmm, this seems like a straightforward question about step-rate increases. I'll need to carefully read through the answer choices to determine the correct timing of the pay increases.
upvoted 0 times
...
Hannah
1 year ago
This is a no-brainer, folks. If you want to maintain access, a rHannahrse SSH connection is the way to do it. It's like having a secret backdoor, but with a fancy name.
upvoted 0 times
...
Juan
1 year ago
You know, I was tempted to choose A, but then I remembered that registry keys can be easily detected. Gotta go with the sneakier option, D.
upvoted 0 times
Ivette
1 year ago
Definitely, D is a stealthier approach compared to A.
upvoted 0 times
...
Veronika
1 year ago
I think D is the best option for maintaining persistent access.
upvoted 0 times
...
Ira
1 year ago
Yeah, D is a good way to maintain access without being easily detected.
upvoted 0 times
...
Carrol
1 year ago
I agree, A can be risky. D seems like a safer choice.
upvoted 0 times
...
...
Staci
1 year ago
Nah, I'm going with C. Process injection is where it's at for persistent access. More stealthy than a bind shell, in my opinion.
upvoted 0 times
...
Viva
2 years ago
I'd go with B. Installing a bind shell is a classic technique for keeping that foothold in the system.
upvoted 0 times
...
Nicolette
2 years ago
Hmm, I think option D is the way to go. Setting up a reverse SSH connection seems like a solid way to maintain persistent access.
upvoted 0 times
Buffy
1 year ago
Installing a bind shell might be another option to consider.
upvoted 0 times
...
Soledad
1 year ago
Creating registry keys could also work for maintaining access.
upvoted 0 times
...
Phuong
1 year ago
I agree, setting up a reverse SSH connection is a good choice.
upvoted 0 times
...
...
Dorothy
2 years ago
Haha, you know what they say: 'The best way to maintain access is to nDorothyr lose it in the first place!' But if I had to choose, I'd go with D. RDorothyrse SSH is the way to go, my friends.
upvoted 0 times
...
Lucina
2 years ago
Ah, the age-old question of post-exploitation persistence. I'd have to say D - the reverse SSH connection is the way to go. Gotta love that sneaky remote access!
upvoted 0 times
Tula
1 year ago
User 2: Installing a bind shell can also be useful for persistence.
upvoted 0 times
...
Lilli
1 year ago
User 3: Creating registry keys is another method to consider for post-exploitation activities.
upvoted 0 times
...
Gregoria
1 year ago
I agree, setting up a reverse SSH connection is key for maintaining access.
upvoted 0 times
...
...
Tien
2 years ago
C is interesting, but I'm not sure if process injection is the best long-term solution. I'm leaning towards D as well.
upvoted 0 times
Layla
1 year ago
D) Setting up a reverse SSH connection
upvoted 0 times
...
Francine
1 year ago
C) Executing a process injection
upvoted 0 times
...
Leontine
1 year ago
B) Installing a bind shell
upvoted 0 times
...
Dean
2 years ago
A) Creating registry keys
upvoted 0 times
...
...
Judy
2 years ago
I'm torn between B and D. A bind shell or a reverse SSH connection could both work, but I think the reverse SSH might be a bit more subtle.
upvoted 0 times
Arlyne
1 year ago
True, but I think a reverse SSH connection is harder to detect.
upvoted 0 times
...
Stefania
2 years ago
Creating registry keys could also help maintain access.
upvoted 0 times
...
Stefania
2 years ago
Yeah, it's more stealthy than installing a bind shell.
upvoted 0 times
...
Magnolia
2 years ago
I think setting up a reverse SSH connection is the way to go.
upvoted 0 times
...
...
Josephine
2 years ago
I'm not sure, but I think both B) and D) could be used for maintaining persistent access.
upvoted 0 times
...
Mertie
2 years ago
Hmm, I'd go with D. Setting up a reverse SSH connection seems like the most reliable way to maintain access.
upvoted 0 times
Kenneth
2 years ago
I think installing a bind shell could also work well for maintaining access.
upvoted 0 times
...
Edmond
2 years ago
I agree, setting up a reverse SSH connection is a good choice.
upvoted 0 times
...
...
King
2 years ago
I disagree, I believe the correct answer is D) Setting up a reverse SSH connection.
upvoted 0 times
...
Lavina
2 years ago
I think the answer is B) Installing a bind shell.
upvoted 0 times
...

Save Cancel