CompTIA PenTest+ (PT1-002) — Question 88

A penetration tester would like to obtain FTP credentials by deploying a workstation as an on-path attack between the target and the server that has the FTP protocol. Which of the following methods would be the BEST to accomplish this objective?

Answer options

• A. Wait for the next login and perform a downgrade attack on the server.
• B. Capture traffic using Wireshark.
• C. Perform a brute-force attack over the server.
• D. Use an FTP exploit against the server.

Correct answer: B

Explanation

Capturing traffic using Wireshark is the best method as it allows the penetration tester to intercept and analyze the FTP credentials transmitted over the network. The other options, such as waiting for a login or performing a brute-force attack, are less effective for directly obtaining credentials in a timely manner, while using an exploit could alert the server and compromise stealth.