CompTIA PenTest+ (PT0-001) — Question 171

A consultant is attempting to harvest credentials from unsecure network protocols in use by the organization. Which of the following commands should the consultant use?

Answer options

• A. tcpdump
• B. john
• C. hashcat
• D. nc

Correct answer: A

Explanation

The correct answer is A, tcpdump, as it is a packet capturing tool that can intercept and log traffic passing over a network, making it suitable for harvesting credentials. The other options, such as john and hashcat, are focused on password cracking, while nc (netcat) is used for network communication, not specifically for capturing credentials.