CompTIA PenTest+ (PT0-003) — Question 101

A tester wants to pivot from a compromised host to another network with encryption and the least amount of interaction with the compromised host. Which of the following is the best way to accomplish this objective?

Answer options

• A. Create a SSH tunnel using sshuttle to forward all the traffic to the compromised computer.
• B. Configure a VNC server on the target network and access the VNC server from the compromised computer.
• C. Set up a Metasploit listener on the compromised computer and create a reverse shell on the target network.
• D. Create a Netcat connection to the compromised computer and forward all the traffic to the target network.

Correct answer: A

Explanation

The correct answer is A, as creating an SSH tunnel using sshuttle allows for encrypted traffic forwarding to the target network with minimal interaction. Options B and C involve direct connections that may expose the compromised host further, while D's Netcat connection does not provide the necessary encryption for secure data transmission.