312-50V13 · Question #79
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs: From the above list identify the user account with System Administr
The correct answer is F. Chang. In Windows, the built-in Administrator account has a well-known SID suffix, typically ending in -500, which identifies it as the highest privilege system administrator.
Question
Exhibit
Options
- AJohn
- BRebecca
- CSheela
- DShawn
- ESomia
- FChang
- GMicah
How the community answered
(23 responses)- B4% (1)
- F96% (22)
Why each option
In Windows, the built-in Administrator account has a well-known SID suffix, typically ending in -500, which identifies it as the highest privilege system administrator.
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Assuming 'Chang' corresponds to a SID ending with the Relative Identifier (RID) of 500, this identifies the user as the built-in Administrator account on a Windows system, which possesses System Administrator privileges.
Without the actual SID list, these choices are incorrect if they do not correspond to the specific Administrator SID (ending in -500) or a member of the Administrators group (RID -544).
Concept tested: Windows Security Identifiers (SIDs) and well-known RIDs
Source: https://learn.microsoft.com/en-us/windows/win32/secauthz/well-known-sids
Topics
Community Discussion
No community discussion yet for this question.
