An external penetration tester compromised one of the client organization’s authentication servers and retrieved
the password database. Which of the following methods allows the penetration tester to MOST efficiently use
any obtained administrative credentials on the client organization’s other systems, without impacting the
integrity of any of the systems?
A.
Use the pass the hash technique
B.
Use rainbow tables to crack the passwords
C.
Use the existing access to change the password
D.
Use social engineering to obtain the actual password