PT0-003 · Question #219
PT0-003 Question #219: Real Exam Question with Answer & Explanation
The correct answer is C: The tester plans to use the hash collected to perform lateral movement to other computers using. The tester is using Mimikatz to dump cached credentials from Local Security Authority (LSA) The tester extracts cached credentials to authenticate without cracking passwords. Pass-the- Hash (PtH) allows lateral movement by reusing the NTLM hash on other systems.
Question
During a penetration test, a tester compromises a Windows computer. The tester executes the following command and receives the following output: mimikatz # privilege::debug mimikatz # lsadump::cache -Output--- lapsUser 27dh9128361tsg264592101387541j --OutputEnd-- Which of the following best describes what the tester plans to do by executing the command?
Options
- AThe tester plans to perform the first step to execute a Golden Ticket attack to compromise the
- BThe tester plans to collect application passwords or hashes to compromise confidential
- CThe tester plans to use the hash collected to perform lateral movement to other computers using
- DThe tester plans to collect the ticket information from the user to perform a Kerberoasting attack
Explanation
The tester is using Mimikatz to dump cached credentials from Local Security Authority (LSA) The tester extracts cached credentials to authenticate without cracking passwords. Pass-the- Hash (PtH) allows lateral movement by reusing the NTLM hash on other systems.
Topics
Community Discussion
No community discussion yet for this question.