Which attack is a post-exploitation activity that an attacker uses to extract service account credential hashes from Active Directory for offline cracking?

Which attack is a post-exploitation activity that an attacker uses to extract service account credential hashes from Active Directory for offline cracking?

• MITM
• On-Path attack
• MAC spoofing
• Kerberoasting

Explanation: Kerberoasting is a post-exploitation activity used by an attacker to extract service account credential hashes from Active Directory for offline cracking. It is a pervasive attack that exploits a combination of weak encryption implementations and improper password practices.

Exam with this question: 5.3.3 Quiz - Exploiting Wired and Wireless Networks Answers