GIAC Foundational Cybersecurity Technologies Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the GIAC Cybersecurity Technologies Test. Use practice questions and detailed explanations to enhance your understanding and readiness. Start your journey to certification today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What file attribute is the penetration tester looking to find using the command below? find / -perm -4000 -user root -type f -print 2>/dev/null

SUID set
SGID set
World writable
Sticky bit set

The correct answer is: SUID set

The command provided is designed to search for files on a Unix/Linux system that have specific characteristics. The use of `-perm -4000` is particularly significant because it indicates that the command is searching for files that have the "Set User ID" (SUID) permission set. When a file has the SUID attribute set, it allows users to execute the file with the permissions of the file's owner—which in this case is specified as "root." This is particularly important in penetration testing, as SUID files can pose security risks if not properly monitored or controlled, potentially allowing unauthorized users to gain elevated privileges. In the context of penetration testing, finding SUID files helps identify possible vulnerabilities that could be exploited to gain unauthorized access or to escalate privileges. Thus, identifying files with the SUID bit set is crucial for assessing the security posture of a system. The other attributes mentioned do not correspond to the characteristics being searched for in this command: - The SGID (Set Group ID) allows files to run with the permissions of the group that owns the file, which is not indicated by the `-4000` permission. - A world writable file allows any user to write to the file, denoted by `-222`, which