nerdexam
ExamsPT0-001Questions#96
CompTIA

PT0-001 · Question #96

PT0-001 Question #96: Real Exam Question with Answer & Explanation

The correct answer is A: To remove the persistence. The chkconfig --del servicename command removes a service from the system's startup configuration on Linux systems. During a penetration test, testers often install malicious or backdoor services as persistence mechanisms - ensuring they survive reboots. At the end of an engageme

Question

Which of the following is the reason why a penetration tester would run the chkconfig --del servicename command at the end of an engagement?

Options

  • ATo remove the persistence
  • BTo enable penitence
  • CTo report persistence
  • DTo check for persistence

Explanation

The chkconfig --del servicename command removes a service from the system's startup configuration on Linux systems. During a penetration test, testers often install malicious or backdoor services as persistence mechanisms - ensuring they survive reboots. At the end of an engagement, thorough cleanup is required. Running chkconfig --del removes that service from startup, effectively eliminating the persistence the tester established. This is part of responsible post-engagement remediation to leave the system in its original state.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PT0-001 Practice