Ethical Hacking Essentials Practice Test

In the context of hacking techniques, what does "LLMNR/NBT-NS poisoning" aim to achieve?

• A. Cracking encrypted passwords
• B. Redirecting traffic to a malicious server
• C. Harvesting credentials through name resolution
• D. Compromising data integrity

The correct answer is: Harvesting credentials through name resolution

"LLMNR/NBT-NS poisoning" primarily aims to harvest credentials through name resolution. This technique exploits the Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) protocols, which are used by devices in a local network to resolve names to IP addresses when DNS servers are not available. When a device attempts to resolve a hostname that is not registered in the DNS, it may send a broadcast query using these protocols. An attacker can respond to these queries with fake responses that direct the querying device to connect to the attacker's machine instead of the legitimate server. By doing this, they can trick users into sending their authentication credentials, such as usernames and passwords, to the attacker's device. This technique is particularly effective in environments using Windows operating systems, where these name resolution protocols are often enabled by default. As a result, the attacker can harvest sensitive credential information without requiring complex exploits or access to the target system, making it a powerful technique in a local network attack scenario. The other options, while they may relate to different hacking techniques or goals, do not accurately describe the primary objective of LLMNR/NBT-NS poisoning, which is focused on capturing credentials through deception in name