Certified Information Systems Security Professional (CISSP) — Question 34

An authentication system that uses challenge and response was recently implemented on an organization's network, because the organization conducted an annual penetration test showing that testers were able to move laterally using authenticated credentials. Which attack method was MOST likely used to achieve this?

Answer options

• A. Hash collision
• B. Pass the ticket
• C. Brute force
• D. Cross-Site Scripting (XSS)

Correct answer: B

Explanation

The 'Pass the ticket' method involves using stolen Kerberos tickets to access resources on a network, allowing attackers to move laterally without needing additional credentials. The other options, while they represent different attack methods, do not directly facilitate lateral movement in the same way that 'Pass the ticket' does.