Certified Ethical Hacker (CEH) — Question 10

Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

Answer options

• A. har.txt
• B. SAM file
• C. wwwroot
• D. Repair file

Correct answer: B

Explanation

The correct answer is B, the SAM file, which contains user account information and hashed passwords, making it a prime target for hackers. The other options, such as har.txt and the Repair file, do not hold the same level of sensitive data, while wwwroot typically refers to web content, which is less valuable in this context.