GIAC Penetration Tester (GPEN) — Question 32

What is the main difference between LAN MAN and NTLMv1 challenge/responses?

Answer options

• A. NTLMv1 only pads IS bytes, whereas LANMAN pads to 21 bytes
• B. NTLMv1 starts with the NT hash, whereas LANMAN starts with the LANMAN hash
• C. NTLMv1utilizes DES, whereas LANMAN utilizes MD4
• D. NTLMv1 splits the hash into 3 eight-byte pieces, whereas LAN MAN splits the hash Into 3 seven-byte pieces

Correct answer: A

Explanation

The correct answer is A because NTLMv1 applies padding specifically to IS bytes while LANMAN pads its data to 21 bytes. The other options are incorrect as they misrepresent the hashing algorithms and the structures of the hashes used in NTLMv1 and LANMAN.