CompTIA Security+ (SY0-601) — Question 256

A penetration tester executes the command crontab -l while working in a Linux server environment. The penetration tester observes the following string in the current user's list of cron jobs:

*/10 * * * * root /writable/update.sh

Which of the following actions should the penetration tester perform NEXT?

Answer options

• A. Privilege escalation
• B. Memory leak
• C. Directory traversal
• D. Race condition

Correct answer: A

Explanation

The correct action is to perform privilege escalation, as the cron job is executed as the root user, allowing the tester to gain elevated access. The other options, such as memory leak, directory traversal, and race condition, do not directly leverage the privilege associated with the cron job to achieve higher access levels.