PT0-002 · Question #408
PT0-002 Question #408: Real Exam Question with Answer & Explanation
The correct answer is A: To maintain confidentiality of data/information.
Question
A penetration tester is taking screen captures of hashes obtained from a domain controller. Which of the following best explains why the penetration tester should immediately obscure portions of the images before saving?
Options
- A. To maintain confidentiality of data/information
- B. To avoid disclosure of how the hashes were obtained
- C. To make the hashes appear shorter and easier to crack
- D. To prevent analysis based on the type of hash
Explanation
When a penetration tester captures screen images that include hashes from a domain controller, obscuring parts of these images before saving is crucial to maintain the confidentiality of sensitive data. Hashes can be considered sensitive information as they represent a form of digital identity for users within an organization. Revealing these hashes in full could lead to unauthorized access if the hashes were to be cracked or otherwise misused by malicious actors. By partially obscuring the images, the penetration tester ensures that the data remains confidential and reduces the risk of compromising user accounts and the integrity of the organization's security posture.