Which Nikto test category looks for resources that allow an attacker to execute shell commands or gain a remote shell?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple-choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which Nikto test category looks for resources that allow an attacker to execute shell commands or gain a remote shell?

Explanation:
This question tests whether you can recognize which Nikto category targets risks where an attacker can run commands on the server or open a remote shell. The category named for shell command execution/remote shell is the one that looks for exactly those issues: paths, scripts, or misconfigurations that let an attacker execute arbitrary shell commands or gain interactive access to the server. Other categories cover different risk areas: remote file retrieval focuses on exposed files, information disclosure on leaked data or version details, and DoS vulnerabilities on conditions that cause service disruption. None of these imply executing commands or gaining a remote shell, so they’re not the best fit.

