Multiple Choice
During a penetration test, a tester runs a phishing campaign and receives a shell from an internal PC running Windows 10 OS. The tester wants to perform credential harvesting with Mimikatz. Which of the following registry changes would allow for credential caching in memory?
A) reg add HKLM\System\ControlSet002\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 0
B) reg add HKCU\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
C) reg add HKLM\Software\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
D) reg add HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest /v userLogoCredential /t REG_DWORD /d 1
Correct Answer:
Verified
Correct Answer:
Verified
Q15: A penetration tester has a full shell
Q16: A client has scheduled a wireless penetration
Q17: A security analyst was provided with a
Q18: A penetration tester wants to script out
Q19: A penetration tester observes that the content
Q21: During an internal network penetration test, a
Q22: At the beginning of a penetration test,
Q23: A company has engaged a penetration tester
Q24: A penetration tester is assessing the security
Q25: A penetration tester reports an application is