🔥 3-day streak
CompTIA PenTest+ (PT0-003)41 / 175
Question 41 of 175

During an internal penetration test, you have compromised a domain controller and extracted the KRBTGT account's NTLM hash using DCSync. The client asks you to demonstrate a persistence technique that would let you impersonate any user in the domain—including nonexistent accounts—without relying on the DC to validate account existence, and that would survive individual user password resets. Which technique should you demonstrate?

Reviewed for accuracy · Report an issueNext question