Maintaining Access

5 minutes 5 Questions

Maintaining access is a critical phase in the penetration testing process during which the attacker establishes a persistent presence within the compromised target system or network. This may involve creating backdoors, planting rootkits, and deploying other types of malware that allow the attacker…

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

A company requires remote employees to access internal resources via a VPN. The security team notices a significant increase in unauthorized access with credentials from remote employees. Which of the following should be implemented to mitigate the risk?

Network segmentation Data loss prevention Multifactor authentication Role-based access control

Correct Answer: Multifactor authentication

Multifactor authentication (MFA) adds an additional layer of security by requiring additional factors besides the traditional username and password. By implementing MFA, unauthorized access can be significantly reduced, as attackers are less likely to possess the additional authentication factors.

Question 2

A security analyst discovers suspicious network traffic originating from a single user’s workstation. Which of the following tools should the analyst use to identify and prevent further unauthorized access?

Stateful firewall Host-based intrusion prevention system (HIPS) Virtual Private Network (VPN) Anti-virus

Correct Answer: Host-based intrusion prevention system (HIPS)

A host-based intrusion prevention system (HIPS) is an ideal solution for identifying and blocking potentially malicious traffic originating from a single workstation. HIPS can proactively monitor system behavior, detect unauthorized access attempts, and prevent them from causing harm.

Question 3

A company has decided to implement BYOD policies. The security administrator is concerned with unauthorized access to the corporate resources. Which of the following should be recommended?

Full disk encryption Two-factor authentication Network access control (NAC) Role-based access control

Correct Answer: Network access control (NAC)

Network access control (NAC) provides the ability to check users' devices before allowing them to connect to the network. NAC ensures that users' devices comply with specific policies and restricts or blocks non-compliant devices, reducing the risk of unauthorized access to the corporate resources.

Unlock Premium Access

CompTIA Security+

Maintaining Access

Guide for Maintaining Access in Penetration Testing with CompTIA Security+

CompTIA Security+ - Maintaining Access Example Questions

Question 1

Question 2

Question 3

Unlock Premium Access