CompTIA PenTest+ (PT0-001) — Question 26

In a physical penetration tester testing scenario. the penetration tester obtains physical access to a laptop. The laptop is logged in but locked. Which of the following is a potential NEXT step to extract credentials from the device?

Answer options

• A. Brute force the user's password.
• B. Perform an ARP spoofing attack.
• C. Leverage the BeEF framework to capture credentials.
• D. Conduct LLMNR/NETBIOS-ns poisoning.

Correct answer: A

Explanation

The correct answer is A, as brute forcing the user's password could potentially unlock the device and allow access to credentials. Options B and D involve network attacks that would not apply to a locked laptop with physical access. Option C, while relevant for capturing credentials, requires more access than simply being logged in but locked.