CompTIA PenTest+ PT0-001 – Question62

In which of the following scenarios would a tester perform a Kerberoasting attack?

The tester has compromised a Windows device and dumps the LSA secrets.
B. The tester needs to retrieve the SAM database and crack the password hashes.
C. The tester has compromised a limited-privilege user and needs to target other accounts for lateral movement.
D. The tester has compromised an account and needs to dump hashes and plaintext passwords from the system.

Section: (none)

Correct Answer: C