CompTIA PenTest+ (PT0-003) — Question 149

During an assessment, a penetration tester runs the following command: setspn.exe -Q */*
Which of the following attacks is the penetration tester preparing for?

Answer options

• A. LDAP injection
• B. Pass-the-hash
• C. Kerberoasting
• D. Dictionary

Correct answer: C

Explanation

The command 'setspn.exe -Q */*' is used to query Service Principal Names (SPNs) which are essential in Kerberos authentication. This information is critical for conducting a Kerberoasting attack, where the attacker targets service accounts to obtain their Kerberos tickets. The other options do not directly relate to the use of SPNs in this manner.