Examice

Exam GPEN All QuestionsBrowse all questions from this exam

Question 11

Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

No triggering of IDS signatures from the attack privileges at the level of theacquired password hash and no corruption of the LSASS process.

No triggering of IDS signatures from the attack, no account lockout and use ofnative windows file and print sharing tools on the compromised system.

No account lockout, privileges at the level of the acquired password hash and useof native windows file and print Sharif tools on the compromised system.

No account lockout, use of native file and print sharing tools on the compromisedsystem and no corruption of the LSASS process.

Correct Answer: D

A pass-the-hash attack allows an attacker to authenticate without needing to crack the user's password, thus avoiding account lockout. It also enables the use of native file and print sharing tools on the compromised system, and importantly, it does not require interactions that might lead to corruption of the Local Security Authority Subsystem Service (LSASS) process. D correctly captures all these benefits.

Discussion

chadiosaurous

Definitely C or D