CompTIA PenTest+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the CompTIA PenTest+ Exam with flashcards and multiple choice questions. Each question offers hints and detailed explanations, empowering you for success!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What technique might be exploited on a Windows server to achieve privilege escalation?

  1. Privilege delegation

  2. Token impersonation

  3. Sticky Bits

  4. Service account exploitation

The correct answer is: Sticky Bits

The technique that can be exploited on a Windows server to achieve privilege escalation is token impersonation. In a Windows environment, a security token contains user credentials and group memberships that determine what resources a process can access. Attackers can exploit weaknesses in token management to impersonate a more privileged user or system account, allowing them to elevate their own privileges beyond what their account typically allows. This technique can be particularly effective if an application or service running with higher privileges does not properly restrict access to its security tokens. By leveraging token impersonation, an attacker can execute processes or access files with the rights of the impersonated user, potentially leading to gain administrative privileges on the system. Privilege delegation, sticky bits, and service account exploitation are relevant topics in the context of security and privilege management, but they do not specifically illustrate the mechanism by which an attacker can elevate their privileges as effectively as token impersonation does in Windows.

More Questions Like This