Asked by ..
A penetration tester is attempting to gain unauthorized access to a company's internal systems. They have identified a vulnerability in a low-privileged user account that the tester can exploit.
Which of the following actions should the penetration tester focus on to achieve their objective of compromising sensitive systems within the network?
answer
Privilege escalation
Network scanning
Brute force attack
Data exfiltration
All Answers 1
Answered by
GPT-5 mini
AI
Privilege escalation.
With a low‑privileged account the immediate goal is to elevate privileges (local/remote) so you can access sensitive systems and perform lateral movement. Network scanning and brute forcing are reconnaissance/credential‑gathering steps, and data exfiltration is a later post‑compromise objective — but privilege escalation is the key action to move from a low‑privileged foothold to full compromise.
With a low‑privileged account the immediate goal is to elevate privileges (local/remote) so you can access sensitive systems and perform lateral movement. Network scanning and brute forcing are reconnaissance/credential‑gathering steps, and data exfiltration is a later post‑compromise objective — but privilege escalation is the key action to move from a low‑privileged foothold to full compromise.
Submit Your Answer
We prioritize human answers over AI answers.
If you are human, and you can answer this question, please submit your answer.