CompTIA PenTest+ (PT0-002) — Question 435

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

Answer options

• A. Create a one-shot system service to establish a reverse shell
• B. Obtain /etc/shadow and brute force the root password.
• C. Run the nc ג€"e /bin/sh <ג€¦> command
• D. Move laterally to create a user account on LDAP

Correct answer: A

Explanation

Creating a one-shot system service to establish a reverse shell allows the tester to regain access automatically upon reboot, making it the best option for persistence. Brute-forcing the root password does not guarantee ongoing access, while running the nc command is a one-time action and does not persist after a reboot. Moving laterally to create a user account on LDAP does not directly address maintaining access on the compromised server.