CompTIA PenTest+ (PT0-001) — Question 56

A tester has determined that null sessions are enabled on a domain controller. Which of the following attacks can be performed to leverage this vulnerability?

Answer options

• A. RID cycling to enumerate users and groups
• B. Pass the hash to relay credentials
• C. Password brute forcing to log into the host
• D. Session hijacking to impersonate a system account

Correct answer: D

Explanation

The correct answer is D because null sessions can allow an attacker to gain unauthorized access to a system account by hijacking an active session. The other options involve methods that do not directly exploit null sessions, such as credential relay or brute force attacks, which are not specifically linked to the vulnerabilities associated with null sessions.