1.What privilege level does an attacker need to perform Kerberoasting?
2.Why does the KDC issue TGS tickets to any authenticated user without verifying authorization to use the service?
3.Why is offline cracking the core reason Kerberoasting is difficult to detect?
4.An interviewer asks: 'Does Kerberoasting always lead to Domain Admin?' How should you respond?
5.What is the most effective defense against Kerberoasting?
6.What is targeted Kerberoasting, and what makes it different from standard Kerberoasting?