CompTIA

PT0-001 · Question #162

PT0-001 Question #162: Real Exam Question with Answer & Explanation

The correct answer is B: Kerberos.

Question

A file contains several hashes. Which of the following can be used in a pass-the-hash attack?

Options

  • A. NTLMv2
  • B. Kerberos
  • C. NTLMv1
  • D. LMv2
  • E. NTLM

Explanation

NOTE: The stated correct answer (B. Kerberos) appears to contain an error. Traditional pass-the-hash (PtH) attacks work by capturing NTLM (NTLMv1) hashes and replaying them directly against services that use NTLM authentication - no password cracking required. NTLMv1/NTLM (choices C and E) are the classic PtH targets. NTLMv2 is more resistant because it incorporates a client challenge and timestamp, making simple replay harder. LM hashes are obsolete but not the standard PtH target. Kerberos uses tickets (not raw hashes) for authentication; Kerberos-related attacks use 'pass-the-ticket' or 'overpass-the-hash' (using an NT hash to request a TGT), which is a distinct technique. If this question is from a published exam, the intended correct answer is most likely E (NTLM) or C (NTLMv1). Verify the source material for the authoritative answer.
