Computer Hacking Forensic Investigator (CHFI v10) — Question 180

You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe. What are you trying to accomplish here?

Answer options

• A. Poison the DNS records with false records
• B. Enumerate MX and A records from DNS
• C. Establish a remote connection to the Domain Controller
• D. Enumerate domain user accounts and built-in groups

Correct answer: D

Explanation

The correct answer is D because connecting to a Domain Controller on port 389 with ldp.exe allows you to query the directory service and obtain information about user accounts and groups. Options A and B focus on DNS manipulation and record retrieval, which are not the primary goals of connecting to the Domain Controller in this instance. Option C, while related to connectivity, does not specify the intent of gathering directory information.