In NTLMv2, which elements form the final response along with the server challenge?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

In NTLMv2, which elements form the final response along with the server challenge?

Explanation:
In NTLMv2, the response that satisfies the server’s challenge is built from two parts: an NTProofStr and a blob. The NTProofStr is an HMAC-MD5 value keyed with the NTLMv2 hash and computed over the server challenge followed by the blob. The blob is created by the client and carries a timestamp (to prove freshness) and a client challenge (a random value that binds this authentication attempt to the current exchange). The server challenge is essential for the cryptographic proof, while the timestamp and client challenge are the elements carried inside the blob that accompany the server challenge to form the complete response. That’s why the correct combination includes the server challenge, the timestamp, and the client challenge.

