312-50V10 · Question #644
Which of the following tools are used for enumeration? (Choose three.)
The correct answer is B. USER2SID D. SID2USER E. DumpSec. Windows account enumeration relies on tools that map usernames to Security Identifiers (SIDs) and extract security configuration details from target systems.
Question
Which of the following tools are used for enumeration? (Choose three.)
Options
- ASolarWinds
- BUSER2SID
- CCheops
- DSID2USER
- EDumpSec
How the community answered
(34 responses)- A3% (1)
- B94% (32)
- C3% (1)
Why each option
Windows account enumeration relies on tools that map usernames to Security Identifiers (SIDs) and extract security configuration details from target systems.
SolarWinds is a network performance monitoring and IT management platform, not a security enumeration tool targeting Windows account structures.
USER2SID is a Windows enumeration utility that queries a remote system to translate a known username into its corresponding SID, revealing valid account information during the reconnaissance phase.
Cheops is a network topology discovery and mapping tool used to visualize infrastructure, not to enumerate Windows user accounts or SIDs.
SID2USER performs the inverse operation - converting a known SID value back into its associated username - allowing attackers to enumerate accounts including the renamed built-in Administrator.
DumpSec (formerly DumpACL) enumerates and dumps Windows security data including user accounts, group memberships, share permissions, and audit policies from a target system.
Concept tested: Windows SID-based account enumeration tools
Source: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-security-identifiers
Topics
Community Discussion
No community discussion yet for this question.