nerdexam
GIAC

GPEN · Question #157

GPEN Question #157: Real Exam Question with Answer & Explanation

The correct answer is C. Legion. Legion is a specialized tool that automates brute-force password guessing against NetBIOS sessions on Windows networks, making it the correct choice among the options listed.

Question

Which of the following tools automates password guessing in the NetBIOS session?

Options

  • AL0phtCrack
  • BJohn the Ripper
  • CLegion
  • DNTInfoScan

Explanation

Legion is a specialized tool that automates brute-force password guessing against NetBIOS sessions on Windows networks, making it the correct choice among the options listed.

Common mistakes.

  • A. L0phtCrack is an offline Windows password auditing tool that recovers credentials by cracking NTLM and LM password hashes, not by automating live authentication attempts against NetBIOS sessions.
  • B. John the Ripper is a general-purpose offline password hash cracker that operates against stored hash files, not against live NetBIOS session authentication.
  • D. NTInfoScan is a Windows network enumeration and information-gathering tool used to collect system and share details, not to perform automated password guessing against NetBIOS sessions.

Concept tested. NetBIOS session brute-force attack tooling

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice