CompTIA PenTest+ (PT0-002) — Question 336

A penetration tester wants to find the password for any account in the domain without locking any of the accounts. Which of the following commands should the tester use?

Answer options

• A. enum4linux -u user1 -p /passwordList.txt 192.168.0.1
• B. enum4linux -u user1 -p Password1 192.168.0.1
• C. cme smb 192.168.0.0/24 -u /userList.txt -p /passwordList.txt
• D. cme smb 192.168.0.0/24 -u /userList.txt -p Summer123

Correct answer: D

Explanation

The correct answer is D because using 'cme smb' allows the tester to attempt multiple passwords from a list without locking accounts, as it can handle multiple user/password combinations efficiently. Options A and B specify 'enum4linux', which may lock accounts if incorrect passwords are repeatedly tried. Option C uses a password list but does not specify a single password, which may not effectively prevent account locking either.