CompTIA PenTest+ (PT0-003) — Question 118

During a security assessment, a penetration tester wants to compromise user accounts without triggering IDS/IPS detection rules. Which of the following is the most effective way for the tester to accomplish this task?

Answer options

• A. Crack user accounts using compromised hashes.
• B. Brute force accounts using a dictionary attack.
• C. Bypass authentication using SQL injection.
• D. Compromise user accounts using a XSS attack.

Correct answer: A

Explanation

The most effective method for compromising user accounts without triggering detection systems is to crack user accounts using compromised hashes, as this method allows the tester to leverage existing credentials without actively engaging in suspicious behavior. In contrast, brute force attacks and SQL injection are more likely to generate alerts due to their aggressive nature, while XSS attacks typically require user interaction, which can also raise suspicion.