Windows Password Hashing and Security

What is the primary advantage of password salting?

It makes it more difficult to reverse the hashes and defeats pre-computed hash attacks

What is the purpose of the PWDUMP tool?

To extract LM and NTLM password hashes from the SAM database

What is the main difference between PWDUMP and FGdump?

FGdump extracts cached credentials

Which password cracking tool is based on rainbow tables?

Ophcrack Signup and view all the answers

What is the limitation of password hashes in Windows?

They are not salted Signup and view all the answers

What is the purpose of L0phtCrack?

To perform password auditing and recovery Signup and view all the answers

What is the primary goal of a privilege escalation attack?

To gain administrative access to a system Signup and view all the answers

What is the primary goal of using encryption techniques in defending against privilege escalation?

To protect sensitive data Signup and view all the answers

What is the main difference between vertical and horizontal privilege escalation?

The level of access gained Signup and view all the answers

Why can an attacker place a malicious DLL in an application directory to escalate privileges?

Because the application does not use a fully qualified path to load the DLL Signup and view all the answers

What is the primary purpose of running users and applications on the least privileges?

To minimize the attack surface Signup and view all the answers

What can an attacker do if they gain administrative privileges using a privilege escalation attack?

Reset the passwords of other non-administrative accounts Signup and view all the answers

What is the primary function of RemoteExec?

To remotely install applications, execute programs/scripts, and update files and folders Signup and view all the answers

What is the name of the tool that can be used to reset passwords using privileges?

Offline NT Password & Registry Editor Signup and view all the answers

What is the primary purpose of patching the systems regularly?

To fix OS and application coding errors and bugs Signup and view all the answers

What is the primary goal of executing malicious programs remotely in the victim's machine?

To gather information that leads to exploitation or loss of privacy Signup and view all the answers

What is the name of the technique used to escalate privileges by placing a malicious DLL in an application directory?

DLL Hijacking Signup and view all the answers

What is the primary function of PDQ Deploy?

To silently install any application or patch Signup and view all the answers

What is the primary purpose of a keylogger?

To gather confidential information about a victim Signup and view all the answers

What is the main difference between a hardware keylogger and a software keylogger?

One is installed on the OS, while the other is embedded in the keyboard Signup and view all the answers

What type of keylogger is placed between the keyboard hardware and the OS?

Physical Keylogger Signup and view all the answers

Which type of keylogger uses Wi-Fi or Bluetooth for transmission?

External Keylogger Signup and view all the answers

What is a legitimate use of keyloggers for home users?

To monitor children's activity Signup and view all the answers

What is the main risk of using an account with administrative privileges?

Undetected execution of malicious code Signup and view all the answers

What is the primary purpose of NTFS Alternate Data Stream (ADS)?

To store metadata about files, such as attributes and access times Signup and view all the answers

How can you delete NTFS streams?

Move the suspected files to a FAT partition Signup and view all the answers

What is the primary goal of steganography?

To conceal data within an ordinary message Signup and view all the answers

What type of utility can help maintain the integrity of an NTFS partition?

File integrity checker Signup and view all the answers

What is the name of a hacking tool that can detect NTFS streams?

All of the above Signup and view all the answers