1.What specific misconfiguration makes AS-REP Roasting possible?
2.What is Kerberos pre-authentication, and what security purpose does it serve?
3.How does AS-REP Roasting differ from Kerberoasting in terms of what the attacker needs?
4.Why might an administrator disable pre-authentication on an account?
5.You find a Domain Admin account with pre-authentication disabled but a 30-character password. Should you report it?
6.What is the key protocol-level distinction between what Kerberoasting and AS-REP Roasting target?