CompTIA Security+ (SY0-501) — Question 544

A company has a team of penetration testers. This team has located a file on the company file server that they believe contains cleartext usernames followed by a hash. Which of the following tools should the penetration testers use to learn more about the content of this file?

Answer options

• A. Exploitation framework
• B. Vulnerability scanner
• C. Netcat
• D. Password cracker

Correct answer: D

Explanation

The correct answer is D, Password cracker, because it is specifically designed to test and recover passwords from hashes. The other options, such as an exploitation framework, vulnerability scanner, and Netcat, do not serve the purpose of investigating hashed passwords effectively.