nerdexam
ExamsPT0-001Questions#10
CompTIA

PT0-001 · Question #10

PT0-001 Question #10: Real Exam Question with Answer & Explanation

The correct answer is C: responder. Responder is the standard tool used to exploit NETBIOS Name Service by acting as a rogue NBT-NS and LLMNR responder to capture NTLM credential hashes on a network.

Question

A penetration tester wants to target NETBIOS name service. Which of the following is the MOST likely command to exploit the NETBIOS name service?

Options

  • Aarpspoof
  • Bnmap
  • Cresponder
  • Dburpsuite

Explanation

Responder is the standard tool used to exploit NETBIOS Name Service by acting as a rogue NBT-NS and LLMNR responder to capture NTLM credential hashes on a network.

Common mistakes.

  • A. arpspoof performs ARP cache poisoning at Layer 2 and does not interact with NETBIOS name resolution at all.
  • B. nmap is a port scanner and service enumerator - it can detect NBT-NS on port 137 but cannot exploit or poison the service.
  • D. Burp Suite is an HTTP/HTTPS web application proxy and has no capability to interact with NETBIOS or NetBIOS Name Service traffic.

Concept tested. NETBIOS/LLMNR poisoning using Responder

Reference. https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-nbte/76eb8b67-9b80-4e52-8a01-a7a8f6aa8f88

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PT0-001 Practice