PenTest+ PenTest+ Post-Exploitation & Pivoting

Question 1

Which tool is commonly used for maintaining persistent access and post-exploitation activities after initial compromise?

Accepted Answer

Metasploit Meterpreter

Answer

Nmap

Answer

Wireshark

Answer

Nikto

Question 2

Which command finds SUID binaries on Linux that can be abused for privilege escalation?

Accepted Answer

find / -perm -4000 2>/dev/null

Answer

ls -la /bin

Answer

netstat -tulpn

Answer

ps aux --forest

Question 3

What does token impersonation allow an attacker to do in a Windows post-exploitation scenario?

Accepted Answer

Assume the identity and privileges of another logged-in user

Answer

Crash the target system

Answer

Modify Windows Firewall rules

Answer

Encrypt files for ransom

Question 4

Which tool is widely used to extract plaintext passwords and NTLM hashes from Windows LSASS memory?

Accepted Answer

Mimikatz

Answer

John the Ripper

Answer

Hashcat

Answer

Responder

Question 5

What does 'living off the land' (LotL) mean in a post-exploitation context?

Accepted Answer

Using built-in OS tools like PowerShell and WMI to avoid detection

Answer

Deploying custom malware payloads

Answer

Exfiltrating data via DNS queries

Answer

Using zero-day exploits exclusively

Question 6

What is the primary goal of post-exploitation activities during a penetration test?

Accepted Answer

Maintaining access, escalating privileges, and gathering further intelligence

Answer

Scanning for additional open ports

Answer

Running automated vulnerability scans

Answer

Performing password spraying attacks