In Empire module categories, injecting hashes into the Local Security Authority Subsystem Service (LSASS) is described as part of which category?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

In Empire module categories, injecting hashes into the Local Security Authority Subsystem Service (LSASS) is described as part of which category?

Explanation:
The question tests how Empire groups modules by their purpose. Injecting hashes into LSASS is treated as a management operation because it focuses on handling and controlling credentials on the compromised host to maintain access. It’s not primarily about discovering information (recon) or moving to other machines (lateral movement), and while it supports ongoing access, the action is categorized under managing the host’s credentials and session capabilities. By manipulating credentials inside LSASS, you’re effectively administering how you’ll authenticate on that system and others, which fits the “management” label.

The question tests how Empire groups modules by their purpose. Injecting hashes into LSASS is treated as a management operation because it focuses on handling and controlling credentials on the compromised host to maintain access. It’s not primarily about discovering information (recon) or moving to other machines (lateral movement), and while it supports ongoing access, the action is categorized under managing the host’s credentials and session capabilities. By manipulating credentials inside LSASS, you’re effectively administering how you’ll authenticate on that system and others, which fits the “management” label.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy