CompTIA Security+ (SY0-601) — Question 707

After gaining access to a dual-homed (i.e., wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset. This technique is an example of:

Answer options

• A. privilege escalation.
• B. footprinting.
• C. persistence.
• D. pivoting.

Correct answer: D

Explanation

The correct answer is D, pivoting, as it refers to the technique of using one compromised device to access and control other devices on the network. The other options do not accurately describe this scenario: privilege escalation involves gaining higher access rights, footprinting refers to gathering information about a target, and persistence is about maintaining access over time.