While conducting a penetration test, you compromised a workstation in an internal network. You found credentials and discovered a route to a sensitive server storing critical data. Which action best incorporates this path into your ongoing plan?
Launch a password-spraying campaign across hosts in the environment to uncover matching credentials
Develop a diagram that tracks the compromised machine, valid credentials, and the new route for coordinated access steps
Wait until final stages of testing to investigate the uncovered route and pursue deeper privileges on the compromised machine first
Exclude the newly discovered server from the plan and maintain a single route for covert activity
A structured overview showing compromised assets, new paths, and credential usage points helps guide the next moves. Waiting until later or ignoring the new server can cause missed opportunities. Launching broad credential attacks can trigger unwanted alerts and distract from documenting critical links in the plan. Focusing on a single path ignores newly uncovered options.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is it important to develop a diagram during a penetration test?
Open an interactive chat with Bash
What is the risk of launching a password-spraying campaign during a penetration test?
Open an interactive chat with Bash
What is the purpose of prioritizing new routes and assets during a penetration test?