During an assessment, a tester has gained valid credentials on a target server that supports a secure protocol for remote terminal access. The tester wants to maintain an encrypted, key-based connection for future sessions with minimal system disruptions. Which approach is the best method for accomplishing this?
Add public key data to the legitimate user's configuration file
Implement a custom service that starts a local script upon every boot
Inject a Trojan in a library so commands run whenever the server restarts
Modify the firewall to forward inbound requests to a hidden port
Placing public key data in the legitimate user's configuration file maintains a reliable, encryption-based login and reduces the risk of detection by standard security controls. Creating a custom service can be noticed or disabled by administrators, modifying the firewall introduces connection discrepancies, and injecting a Trojan into a library is more complex and more likely to be detected.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is public key-based authentication?
Open an interactive chat with Bash
Why is adding a public key to a user's configuration file a secure persistence method?
Open an interactive chat with Bash
What risks are avoided by using key-based SSH access compared to other persistence methods?