Computer Hacking Forensic Investigator (CHFI v10) — Question 362

On an Active Directory network using NTLM authentication, where on the domain controllers are the passwords stored?

Answer options

• A. SAM
• B. AMS
• C. Shadow file
• D. Password.conf

Correct answer: A

Explanation

The correct answer is A, SAM, which stands for Security Accounts Manager, where user account information, including passwords, is stored. Options B (AMS), C (Shadow file), and D (Password.conf) do not accurately represent where passwords are stored in an Active Directory environment.