ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 152 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 152
Topic #: 1
[All 312-50v12 Questions]

A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?

  • A. Carry out a passive wire sniffing operation using Internet packet sniffers
  • B. Perform a PRobability INfinite Chained Elements (PRINCE) attack
  • C. Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets using a tool like Mimikatz
  • D. Request a service ticket for the service principal name of the target service account
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
LordXander
6 months, 1 week ago
Selected Answer: D
So option C might be tempting, however it is not used to target a specific account (a service account), hence D would be a "more correct" option. And, according to the handbook, the next step in the attack after TGT is the Service Ticket Request...so D
upvoted 2 times
...
insaniunt
7 months, 3 weeks ago
Selected Answer: D
D. Request a service ticket for the service principal name of the target service account
upvoted 3 times
...
[Removed]
7 months, 3 weeks ago
Im a bit hesitant about the validity of this claim
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago