← Back to Authentication Coercion

Authentication Coercion Quiz

7 questions


1.What is the fundamental difference between authentication coercion and LLMNR/NBT-NS poisoning?

2.Why do coercion techniques like PrinterBug and PetitPotam cause a machine to authenticate to an attacker?

3.Why is the coerced authentication almost always relayed rather than captured for offline cracking?

4.What does an attacker need before most authentication coercion techniques will work?

5.What role does the WebClient (WebDAV) service play in authentication coercion?

6.Which defense stops the relay step specifically, rather than just closing a single coercion method?

7.An interviewer asks: 'What does authentication coercion give an attacker?' What is the strongest answer?