312-50V12 Question #172: Real Exam Question with Answer & Explanation

Question

A penetration tester is performing an enumeration on a client's network. The tester has acquired permission to perform enumeration activities. They have identified a remote inter-process communication (IPC) share and are trying to collect more information about it. The tester decides to use a common enumeration technique to collect the desired data. Which of the following techniques would be most appropriate for this scenario?

Options

• AProbe the IPC share by attempting to brute force admin credentials
• BBrute force Active Directory
• CExtract usernames using email IDs
• DConduct a DNS zone transfer

Explanation

The question describes a penetration tester enumerating a remote IPC share to collect more information. The most appropriate technique for this scenario is attempting to brute force administrative credentials against the identified IPC share.

Common mistakes.

• B. Brute-forcing Active Directory is a broader attack against the domain controller's authentication system and is not specifically targeted at gathering information from an identified remote IPC share.
• C. Extracting usernames using email IDs is a passive reconnaissance technique focused on gathering user account information, not an active method to interact with or enumerate an IPC share.
• D. Conducting a DNS zone transfer is an enumeration technique used to gather network infrastructure details from DNS records, which is unrelated to collecting information from a remote IPC share.

Concept tested. IPC$ share enumeration via credential attacks

Reference. https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/9e009477-9942-494b-944d-5872718e476c

No community discussion yet for this question.