A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?

Questions › Category: 312-50v12 › A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?

0 Vote Up Vote Down

Admin Staff asked 1 year ago

A network security analyst, while conducting penetration testing, is aiming to identify a service account password using the Kerberos authentication protocol. They have a valid user authentication ticket (TGT) and decided to carry out a Kerberoasting attack. In the scenario described, which of the following steps should the analyst take next?

A. Carry out a passive wire sni ng operation using Internet packet sniffers

B. Perform a PRobability IN nite Chained Elements (PRINCE) attack

C. Extract plaintext passwords, hashes, PIN codes, and Kerberos tickets using a tool like Mimikatz

D. Request a service ticket for the service principal name of the target service account










Correct Answer: D

This question is in 312-50v12 exam
For getting CEH Certificate