nerdexam
EC-Council

312-50V11 · Question #644

Which of the following tools are used for enumeration? (Choose three.)

The correct answer is B. USER2SID D. SID2USER E. DumpSec. USER2SID, SID2USER, and DumpSec are classic Windows enumeration tools used to extract user account information and security identifiers from target systems.

Enumeration

Question

Which of the following tools are used for enumeration? (Choose three.)

Options

  • ASolarWinds
  • BUSER2SID
  • CCheops
  • DSID2USER
  • EDumpSec

How the community answered

(34 responses)
  • A
    6% (2)
  • B
    91% (31)
  • C
    3% (1)

Why each option

USER2SID, SID2USER, and DumpSec are classic Windows enumeration tools used to extract user account information and security identifiers from target systems.

ASolarWinds

SolarWinds is a network management and monitoring platform (SNMP-based) used for infrastructure administration, not for enumerating user accounts or security identifiers on target systems.

BUSER2SIDCorrect

USER2SID translates a Windows username into its corresponding Security Identifier (SID), enabling attackers to enumerate valid accounts on a target system. SID2USER performs the reverse operation, resolving a known SID back to a username, allowing enumeration of accounts including built-in and hidden accounts. DumpSec (formerly DumpACL) enumerates users, groups, shares, and permissions from Windows systems, making it a comprehensive enumeration tool.

CCheops

Cheops is a network mapping and OS fingerprinting tool used to discover hosts and identify operating systems, not to enumerate user accounts or group memberships.

DSID2USERCorrect

SID2USER performs the reverse operation, resolving a known SID back to a username, allowing enumeration of accounts including built-in and hidden accounts.

EDumpSecCorrect

DumpSec (formerly DumpACL) enumerates users, groups, shares, and permissions from Windows systems, making it a comprehensive enumeration tool.

Concept tested: Windows enumeration tools for user and SID extraction

Source: https://www.cisa.gov/sites/default/files/publications/AD_Enterprise_Best_Practices.pdf

Topics

#enumeration tools#USER2SID#DumpSec#Windows enumeration

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice