CompTIA PenTest+ (PT0-003) — Question 5

While performing an internal assessment, a tester uses the following command: crackmapexec smb 192.168.1.0/24 -u user.txt -p Summer123@
Which of the following is the main purpose of the command?

Answer options

• A. To perform a pass-the-hash attack over multiple endpoints within the internal network
• B. To perform common protocol scanning within the internal network
• C. To perform password spraying on internal systems
• D. To execute a command in multiple endpoints at the same time

Correct answer: C

Explanation

The command is designed for password spraying, which involves attempting a single password across various accounts to gain unauthorized access. Options A and D are incorrect as they involve different attack methodologies, and option B does not align with the specific action being taken with the provided command.