CompTIA PenTest+ (PT0-001) — Question 157

A penetration tester wants to check manually if a `ghost` vulnerability exists in a system. Which of the following methods is the correct way to validate the vulnerability?

Answer options

• A. Download the GHOST file to a Linux system and compile gcc ג€"o GHOST test i: ./GHOST
• B. Download the GHOST file to a Windows system and compile gcc ג€"o GHOST GHOST.c test i: ./GHOST
• C. Download the GHOST file to a Linux system and compile gcc ג€"o GHOST GHOST.c test i: ./GHOST
• D. Download the GHOST file to a Windows system and compile gcc ג€"o GHOST test i: ./GHOST

Correct answer: C

Explanation

The correct answer is C because it specifies downloading the GHOST file on a Linux system and compiling it correctly with the appropriate command. Options A and D contain incorrect commands or platforms, and option B uses the wrong file and command structure for Windows systems.