Which choice below is NOT a way to get Windows NT passwords?

A.
Obtain root access to the /etc/passwd file.

B.
Use pwdump2 to dump the password hashes directly from the registry.

C.
Obtain the backup SAM from the repair directory.

D.
Boot the NT server with a floppy containing an alternate operating system.

Explanation:
The /etc/passwd file is a Unix system file. The NT Security Accounts Manager, SAM, contains the
usernames and encrypted passwords of all local (and domain, if the server is a domain controller)
users. The SAM uses an older, weaker LanManager hash that can be broken easily by tools like
L0phtcrack. Physical access to the NT server and the rdisks must be controlled. The Sam._ file in the
repair directory must be deleted after creation of an rdisk. Pwdump and pwdump2 are utilities that
allow someone with Administrator rights to target the Local Security Authority Subsystem, isass.exe,
from a remote system. Source: Hacking Exposed by Stuart McClure, Joel Scambray, and George Kurtz
(Osborne, 1999).