Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Broadcom 250-586 Exam - Topic 5 Question 6 Discussion

What is the purpose of a Threat Defense for Active Directory Deceptive Account?
A) It exposes attackers as they seek to gather credential information from workstation memory
B) It acts as a honeypot to expose attackers as they attempt build their AD treasure map
C) It prevents attackers from reading the contents of the Domain Admins Group
D) It assigns a fake NTLM password hash value for users with an assigned AdminCount attribute.

Broadcom 250-586 Exam - Topic 5 Question 6 Discussion

Actual exam question for Broadcom's 250-586 exam
Question #: 6
Topic #: 5
[All 250-586 Questions]

What is the purpose of a Threat Defense for Active Directory Deceptive Account?

Show Suggested Answer Hide Answer
Suggested Answer: A

The purpose of a Threat Defense for Active Directory Deceptive Account is to expose attackers as they attempt to gather credential information from workstation memory. These deceptive accounts are crafted to resemble legitimate credentials but are, in fact, traps that alert administrators to malicious activity. When an attacker attempts to access these deceptive credentials, it indicates potential unauthorized efforts to harvest credentials, allowing security teams to detect and respond to these intrusions proactively.

SES Complete Documentation explains the use of deceptive accounts as part of a proactive defense strategy, where false credentials are seeded in vulnerable areas to catch and track attacker movements within the network.


by Eliseo at Nov 16, 2024, 05:40 AM

Limited Time Offer

25%

Off

Get Premium 250-586 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Apolonia
6 months ago
A is also a valid point, though.
upvoted 0 times
...
Yesenia
6 months ago
Wait, fake NTLM hashes? That's wild!
upvoted 0 times
...
Mitzie
7 months ago
I thought it was more about preventing access, not just exposing them.
upvoted 0 times
...
Lai
7 months ago
Totally agree, option B is spot on.
upvoted 0 times
...
Antonette
7 months ago
It's a honeypot to catch attackers!
upvoted 0 times
...
Winifred
7 months ago
I believe the main goal is to lure attackers into revealing their methods, which sounds like option B, but I could be wrong.
upvoted 0 times
...
Lilli
8 months ago
I’m a bit confused about the role of the fake NTLM hash in option D. Does it really help in defending against attacks?
upvoted 0 times
...
Xenia
8 months ago
I remember practicing a question similar to this, and I feel like option B makes the most sense as a honeypot strategy.
upvoted 0 times
...
Scot
8 months ago
I think the purpose of the Threat Defense is to expose attackers, but I'm not sure if it's more about credential gathering or mapping out the network.
upvoted 0 times
...
Ula
8 months ago
This is a good question. I'll need to think about the different ways that attackers might try to target Active Directory and see which option best describes the purpose of a Deceptive Account.
upvoted 0 times
...
Tawny
8 months ago
I'm pretty confident I know the answer to this one. A Threat Defense for Active Directory Deceptive Account is used to expose attackers who are trying to gather credential information, so I'll go with option A.
upvoted 0 times
...
Elbert
8 months ago
Okay, I think I've got this. The purpose is to act as a honeypot and expose attackers as they try to gather information about the Active Directory environment. Option B looks like the best answer.
upvoted 0 times
...
Tandra
8 months ago
Hmm, I'm a bit confused by the options here. I'll need to review my notes on Active Directory security to see if I can figure out the right answer.
upvoted 0 times
...
Idella
8 months ago
This seems like a tricky question. I'll need to think it through carefully to make sure I understand the purpose of a Threat Defense for Active Directory Deceptive Account.
upvoted 0 times
...
Rebbecca
2 years ago
Option A, all the way! Exposing those attackers is like catching a bunch of mice in a cheese factory.
upvoted 0 times
...
Isaiah
2 years ago
Option C seems like the most straightforward way to protect the Domain Admins Group. Boring, but effective!
upvoted 0 times
Malcolm
1 year ago
User 4: Definitely, security should always be a top priority.
upvoted 0 times
...
Rodolfo
1 year ago
User 3: I agree, it's better to be safe than sorry.
upvoted 0 times
...
Junita
1 year ago
User 2: Yeah, it's important to prevent attackers from accessing sensitive information.
upvoted 0 times
...
Mila
1 year ago
User 1: Option C seems like the most straightforward way to protect the Domain Admins Group.
upvoted 0 times
...
...
Marjory
2 years ago
I believe it also assigns fake NTLM password hash values to users with AdminCount attribute.
upvoted 0 times
...
Joanna
2 years ago
This is a tough one, but I'm feeling Option B. Gotta love a good 'treasure map' trap!
upvoted 0 times
...
Coletta
2 years ago
Option D is the only one that mentions NTLM hashes, so that's gotta be the right answer. Time to fake 'em out!
upvoted 0 times
Donte
1 year ago
D) It assigns a fake NTLM password hash value for users with an assigned AdminCount attribute.
upvoted 0 times
...
Novella
1 year ago
C) It prevents attackers from reading the contents of the Domain Admins Group
upvoted 0 times
...
Juan
1 year ago
B) It acts as a honeypot to expose attackers as they attempt build their AD treasure map
upvoted 0 times
...
Renea
1 year ago
A) It exposes attackers as they seek to gather credential information from workstation memory
upvoted 0 times
...
...
Valentine
2 years ago
I agree with Delpha, it acts as a honeypot to catch attackers building their AD treasure map.
upvoted 0 times
...
Delpha
2 years ago
I think the purpose is to expose attackers trying to gather credential information.
upvoted 0 times
...
Tyisha
2 years ago
I'm going with Option A. Exposing the attackers as they try to gather credentials is just too good to pass up.
upvoted 0 times
Barbra
1 year ago
I see your point, but I still think Option C is the best way to prevent attackers from accessing sensitive information.
upvoted 0 times
...
Mel
1 year ago
I think Option B could also be effective in luring attackers and exposing them.
upvoted 0 times
...
Kris
1 year ago
I agree, Option A sounds like a great way to catch attackers in the act.
upvoted 0 times
...
...
Magdalene
2 years ago
Option B sounds like the way to go. Who doesn't love a good honeypot to catch those pesky attackers?
upvoted 0 times
Rosalind
1 year ago
User 4: It's important to stay one step ahead of attackers, and using deceptive accounts can help in that.
upvoted 0 times
...
Lonna
2 years ago
User 3: I agree, using deceptive accounts to track and monitor malicious activity is a smart defense strategy.
upvoted 0 times
...
Gilberto
2 years ago
User 2: Yeah, honeypots can be really effective in luring attackers and exposing their tactics.
upvoted 0 times
...
Malinda
2 years ago
User 1: Option B sounds like the way to go. Who doesn't love a good honeypot to catch those pesky attackers?
upvoted 0 times
...
...

Save Cancel