A tester has determined that null sessions are enabled on a domain controller. Which of the following attacks can be performed to leverage this vulnerability?
A.
RID cycling to enumerate users and groups
B.
Pass the hash to relay credentials
C.
Password brute forcing to log into the host
D.
Session hijacking to impersonate a system account
A - PenTest+ - Practice Test book - SYBEX
One of the first steps when looking to gain access to a host, system, or application is to enumerate usernames. Once usernames are guessed, targeted password-based attacks can then be attempted. A RID cycling attack attempts to enumerate user accounts through null sessions. If a tester specifies a password file, it will automatically attempt to brute force the user accounts when it’s finished enumerating. So, in this scenario, attempting RID cycling will be the next step the tester should try.
It's A
check RID Enum tool and how it works:
Rid Enum is a RID cycling attack that attempts to enumerate user accounts through null sessions and the SID to RID enum.
you can do B and C even if null sessions are not enable.
D.) seems to me like a mixture of some words that sound good but make no sense ...
A.) Seems right
upvoted 1 times
...
...
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mr_robot
Highly Voted 5 years agomr_robot
4 years, 11 months agokloug
Most Recent 2 years, 2 months agomiabe
2 years, 9 months agocarletten
3 years, 8 months agoMrRiver
3 years, 7 months ago