🔥 3-day streak
CompTIA PenTest+ (PT0-003)148 / 175
Question 148 of 175
During a post-exploitation phase, you have SYSTEM-level access on a Windows 10 workstation belonging to a domain user. You want to harvest plaintext credentials and NTLM hashes of accounts that have recently authenticated interactively on this host, without triggering a domain-wide replication event. Which technique best meets this goal?
Reviewed for accuracy · Report an issueNext question