CompTIA Security+ (SY0-701) — Question 254

A security administrator is performing an audit on a stand-alone UNIX server, and the following message is immediately displayed:

(Error 13): /etc/shadow: Permission denied.

Which of the following best describes the type of tool that is being used?

Answer options

• A. Pass-the-hash monitor
• B. File integrity monitor
• C. Forensic analysis
• D. Password cracker

Correct answer: D

Explanation

The correct answer is D, as the error message indicates an attempt to access the /etc/shadow file, which is commonly targeted by password cracking tools to retrieve password hashes. The other options, such as A (Pass-the-hash monitor), B (File integrity monitor), and C (Forensic analysis), do not specifically involve trying to access password storage files or indicate a denial of permission in this context.