PT0-003 · Question #285
PT0-003 Question #285: Real Exam Question with Answer & Explanation
The correct answer is A: Responder. Given an insecure wireless network (e.g., open or poorly secured Wi-Fi), a practical initial access technique is to capture or poison name resolution/authentication requests from client systems once they are on that network. Responder is designed to perform LLMNR/NBT-NS/MDNS pois
Question
A company that uses an insecure corporate wireless network is concerned about security. Which of the following is the most likely tool a penetration tester could use to obtain initial access?
Options
- AResponder
- BMetasploit
- CNetcat
- DNmap
Explanation
Given an insecure wireless network (e.g., open or poorly secured Wi-Fi), a practical initial access technique is to capture or poison name resolution/authentication requests from client systems once they are on that network. Responder is designed to perform LLMNR/NBT-NS/MDNS poisoning and capture NTLM authentication attempts and other credential material on a local network segment. On an insecure Wi-Fi network an attacker can either join the network or run a rogue AP and then run Responder to capture credentials from connected clients -- a typical and effective initial-access method in such scenarios.
Topics
Community Discussion
No community discussion yet for this question.