312-49v10 Exam QuestionsBrowse all questions from this exam

312-49v10 Exam - Question 439


An investigator wants to extract passwords from SAM and System Files. Which tool can the investigator use to obtain a list of users, passwords, and their hashes in this case?

Show Answer
Correct Answer: C

To extract passwords from SAM and System files, an investigator can use PWdump7. PWdump7 is specifically designed to extract LM and NTLM password hashes from the Security Accounts Manager (SAM) database on a Windows system.

Discussion

4 comments
Sign in to comment
ElbOption: C
May 24, 2024

c > PwDump7 extracts LM and NTLM password hashes of local user accounts from the database

ElbOption: D
May 24, 2024

This tool runs by extracting the binary SAM and system file from the file system and then extracts the hashes.

jingu_bingoOption: C
Jun 6, 2024

CHFIv11 page 418. pwdump7 extracts LTM and NTLM pass hashes from Security Accounts Manager (SAM)

aqeel1506Option: C
Jul 21, 2024

To extract passwords from SAM (Security Account Manager) and System files on a Windows system, an investigator can use the tool PWdump7. This tool is specifically designed for obtaining a list of users, passwords, and their hashes from these files. Therefore, the correct answer is: C. PWdump7