What term describes a connection initiated from a compromised host back to the attacker, bypassing inbound firewall rules?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $25.99Unlock all

Prepare for the Security Operations Exam with targeted practice questions. Enhance your understanding with detailed explanations and tips to successfully pass your exam!

Multiple Choice

What term describes a connection initiated from a compromised host back to the attacker, bypassing inbound firewall rules?

A reverse shell describes a connection where the compromised host reaches out to the attacker and provides a shell over that outbound channel. This bypasses inbound firewall rules because outbound connections from the inside are usually allowed, while unsolicited inbound connections are blocked. The attacker listens for the incoming connection and, once established, can issue commands through the shell on the victim’s machine.

SSH tunnels and port forwarding involve redirecting traffic through an existing path or session, not primarily about the victim initiating a shell back to the attacker. A VPN creates a secure, broader connection between networks rather than a direct remote shell.

What term describes a connection initiated from a compromised host back to the attacker, bypassing inbound firewall rules?

Prepare for the Security Operations Exam with targeted practice questions. Enhance your understanding with detailed explanations and tips to successfully pass your exam!

What term describes a connection initiated from a compromised host back to the attacker, bypassing inbound firewall rules?

Get the latest from Passetra