CompTIA PenTest+ (PT0-003) — Question 163

As part of an engagement, a penetration tester wants to maintain access to a compromised system after rebooting. Which of the following techniques would be best for the tester to use?

Answer options

• A. Establishing a reverse shell
• B. Executing a process injection attack
• C. Creating a scheduled task
• D. Performing a credential-dumping attack

Correct answer: C

Explanation

Creating a scheduled task allows the penetration tester to run specific commands or scripts automatically upon system reboot, ensuring persistent access. In contrast, establishing a reverse shell or executing a process injection attack may not survive a reboot, and performing a credential-dumping attack does not help in maintaining access.