🔥 3-day streak
CompTIA PenTest+ (PT0-003)147 / 175
Question 147 of 175

After gaining a foothold on a Windows workstation with a domain user's cached credentials, you want to identify which other machines this compromised user has active sessions on, so you can prioritize lateral movement targets where their token or credentials may be reusable. You have BloodHound-collected data available. Which enumeration approach most directly reveals where the compromised user is currently logged on across the domain?

Reviewed for accuracy · Report an issueNext question