CompTIA PenTest+ (PT0-003) — Question 39

A penetration tester compromises a Windows OS endpoint that is joined to an Active Directory local environment. Which of the following tools should the tester use to manipulate authentication mechanisms to move laterally in the network?

Answer options

• A. Rubeus
• B. WinPEAS
• C. NTLMRelayX
• D. Impacket

Correct answer: A

Explanation

Rubeus is specifically designed for manipulating Kerberos tickets and performing various Kerberos-related attacks, making it ideal for lateral movement in an Active Directory environment. WinPEAS is primarily used for privilege escalation, while NTLMRelayX focuses on NTLM relay attacks, and Impacket is a collection of Python classes for working with network protocols, but does not specialize in authentication manipulation like Rubeus does.