1.Why does Pass the Hash work against NTLM authentication?
2.What is the most common amplifier that makes Pass the Hash devastating in practice?
3.Where does an attacker typically obtain NT hashes for Pass the Hash?
4.What is Overpass the Hash, and how does it differ from standard Pass the Hash?
5.Why does patching Windows not eliminate Pass the Hash?
6.What is the most effective defense against Pass the Hash amplification across hosts?