Question
a.
By modifying the sudoers file
b.
By exploiting SUID commands
c.
By using restricted shells
d.
By manipulating the user's home directory
Posted under CompTIA PenTest+ Certification Exam PT0 002
Engage with the Community - Add Your Comment
Confused About the Answer? Ask for Details Here.
Know the Explanation? Add it Here.
Q. How can seemingly innocent permissions to run files lead to privilege escalation using sudo?
Similar Questions
Discover Related MCQs
Q. What limitations are commonly imposed by restricted shells in Linux?
View solution
Q. How can penetration testers break out of restricted shells in Linux?
View solution
Q. When confronted with a restricted shell, what should penetration testers check to identify potential avenues for privilege escalation?
View solution
Q. What utility may be used by penetration testers to escape restricted shells in Linux?
View solution
Q. In the context of privilege escalation on Linux, what should penetration testers check regarding sudo?
View solution
Q. When dealing with a restricted shell, what elements should penetration testers check for potential exploitation?
View solution
Q. Why are Linux kernel exploits considered a favorite tool for penetration testers?
View solution
Q. How does the CVE list classify Linux kernel exploits?
View solution
Q. Which type of Linux kernel exploits is most likely to be useful to penetration testers?
View solution
Q. What is a common opportunity for penetration testers regarding Linux kernel patches?
View solution
Q. How can penetration testers quickly check a Linux system for potential kernel issues?
View solution
Q. Why is it essential for penetration testers to know common attack and exploit techniques for Windows systems?
View solution
Q. What is a common method for harvesting credentials from Windows systems?
View solution
Q. What type of authentication hashes does Windows frequently rely on for authentication purposes?
View solution
Q. What is a characteristic of NTLM hashes used in Windows for authentication?
View solution
Q. How do pass-the-hash attacks work in the context of Windows systems?
View solution
Q. What Registry location contains the password of the logged-in user in an encrypted form on Windows systems?
View solution
Q. How can the encrypted password and encryption key be recovered from the LSA secrets Registry location?
View solution
Q. What information does the Windows Security Accounts Manager (SAM) database contain?
View solution
Q. How can password hashes be dumped from the SAM database on Windows systems?
View solution
Suggested Topics
Are you eager to expand your knowledge beyond CompTIA PenTest+ Certification Exam PT0 002? We've curated a selection of related categories that you might find intriguing.
Click on the categories below to discover a wealth of MCQs and enrich your understanding of Computer Science. Happy exploring!
