CompTIA Security+ SY0-601 – Question711

An employee fell for a phishing scam, which allowed an attacker to gain access to a company PC. The attacker scraped the PC's memory to find other credentials. Without cracking these credentials, the attacker used them to move laterally through the corporate network. Which of the following describes this type of attack?


A.
Privilege escalation
B. Buffer overflow
C. SQL injection
D. Pass-the-hash

Correct Answer: D