An assessment reveals a compromised account on a domain-joined machine. The credential can read user profiles in the directory. What is the BEST way to gather relevant details such as group memberships with this account?
Open a remote console session on another workstation to identify security settings
Extract memory data from the domain-joined machine to glean session records
Conduct a basic directory search for user associations and membership details
Capture data packets on the compromised system to look for account credentials
Reviewing data directly within the directory uses the authenticated user’s read capability to reveal group associations. Other options rely on examining network traffic, memory contents, or accessing a different system, which may not uncover the full range of group information tied to each account.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a basic directory search?
Open an interactive chat with Bash
How do group memberships in a directory affect security?
Open an interactive chat with Bash
What is the purpose of a domain-joined machine in a network?