GIAC Penetration Tester (GPEN) — Question 42

Which of the following describe the benefits to a pass-the-hash attack over traditional password cracking?

Answer options

• A. No triggering of IDS signatures from the attack privileges at the level of theacquired password hash and no corruption of the LSASS process.
• B. No triggering of IDS signatures from the attack, no account lockout and use ofnative windows file and print sharing tools on the compromised system.
• C. No account lockout, privileges at the level of the acquired password hash and useof native windows file and print Sharif tools on the compromised system.
• D. No account lockout, use of native file and print sharing tools on the compromisedsystem and no corruption of the LSASS process.

Correct answer: D

Explanation

The correct answer is D because a pass-the-hash attack allows an attacker to utilize native file and print sharing tools on the compromised system without causing account lockout and without corrupting the LSASS process. Options A, B, and C include incorrect combinations of benefits that do not fully capture the advantages of a pass-the-hash attack over traditional password cracking.