CompTIA PenTest+ (PT0-002) — Question 348

A penetration tester obtains the hash of a service account within a customer’s Active Directory. Which of the following attacks should the penetration tester attempt next?

Answer options

Correct answer: A

Explanation

Password spraying is an effective way to test the validity of the service account hash without locking out accounts, which makes it the most suitable choice. Golden ticket attacks require more extensive access and an initial compromise, while cache poisoning and Kerberoasting are not directly related to exploiting the hashed credentials obtained.