During an assessment, a tester has gained valid credentials on a target server that supports a secure protocol for remote terminal access. The tester wants to maintain an encrypted, key-based connection for future sessions with minimal system disruptions. Which approach is the best method for accomplishing this?
Modify the firewall to forward inbound requests to a hidden port
Inject a Trojan in a library so commands run whenever the server restarts
Add public key data to the legitimate user's configuration file
Implement a custom service that starts a local script upon every boot
Placing public key data in the legitimate user's configuration file maintains a reliable, encryption-based login and reduces the risk of detection by standard security controls. Creating a custom service can be noticed or disabled by administrators, modifying the firewall introduces connection discrepancies, and injecting a Trojan into a library is more complex and more likely to be detected.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of adding public key data to a user's configuration file?
Open an interactive chat with Bash
Why is using key-based authentication less detectable than other methods like modifying a firewall or injecting a Trojan?
Open an interactive chat with Bash
How does the key-based encrypted connection work after the public key is added?