GIAC Certified Incident Handler (GCIH) — Question 17
Which Microsoft tool can be used to mitigate the risk of an adversary reusing a stolen local administrator password hash?
Answer options
- A. Attack surface reduction
- B. LAPS
- C. ASLR
- D. Heap spray protection
Correct answer: D
Explanation
The correct answer is D, Heap spray protection, as it specifically addresses vulnerabilities that can be exploited using reused credentials. Other options like Attack surface reduction, LAPS, and ASLR do not directly focus on preventing the reuse of local administrator password hashes.