PT0-003
Post-Exploitation and Lateral Movement
medium
Question 3 of 14

A penetration tester has compromised a Windows workstation in a domain environment and wants to move laterally to a domain controller. The tester has obtained the NTLM hash of a domain administrator account. Which technique would allow authentication to the domain controller without cracking the hash?

ACredential stuffing
BPass-the-hash using a tool like Impacket's psexec.py
CKerberoasting
DPassword spraying

More Post-Exploitation and Lateral Movement Questions

14 questions

Full CompTIA PenTest+ Practice Test

All topics covered

All CompTIA PenTest+ Questions

Browse by topic

Related Questions

Which term describes the technique of maintaining access to a compromised system across reboots or c...

easy

After compromising a Linux web server, a penetration tester wants to establish persistence without c...

hard

A penetration tester has compromised a host within a target network and wants to access an internal ...

medium

A penetration tester has gained access to a Windows domain environment and uses BloodHound to analyz...

hard

During the post-exploitation phase, a penetration tester documents all commands executed, files acce...

medium
View all Post-Exploitation and Lateral Movement questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account