nerdexam
CompTIA

SY0-301 · Question #799

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST descri

The correct answer is C. All users have read access to the file.. The test is anonymous - Jane is not authenticated as any specific user. Because she could still download (read) the file without credentials, the permission is not specific to her account; it must be granted to all users, including unauthenticated or anonymous ones. Option C ('Al

Threats, vulnerabilities, and mitigations

Question

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges?

Options

  • AAll users have write access to the directory.
  • BJane has read access to the file.
  • CAll users have read access to the file.
  • DJane has read access to the directory.

How the community answered

(23 responses)
  • A
    4% (1)
  • B
    4% (1)
  • C
    78% (18)
  • D
    13% (3)

Explanation

The test is anonymous - Jane is not authenticated as any specific user. Because she could still download (read) the file without credentials, the permission is not specific to her account; it must be granted to all users, including unauthenticated or anonymous ones. Option C ('All users have read access to the file') is the most accurate conclusion. Option D incorrectly scopes the access to Jane personally, and options A and B are either about write access or too narrowly attributed.

Topics

#penetration testing#file permissions#network shares#access control

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice