https://ru.wikipedia.org/wiki/DNS_spoofing
DNS spoofing is a threat that copies the legitimate server destinations to divert the domain's traffic. Ignorant these attacks, the users are redirected to malicious websites, which results in insensitive and personal data being leaked. It is a method of attack where your DNS server is tricked into saving a fake DNS entry. This will make the DNS server recall a fake site for you, thereby posing a threat to vital information stored on your server or computer.
The cache poisoning codes are often found in URLs sent through spam emails. These emails are sent to prompt users to click on the URL, which infects their computer. When the computer is poisoned, it will divert you to a fake IP address that looks like a real thing. This way, the threats are injected into your systems as well.
Different Stages of Attack of DNS Cache Poisoning:
- The attacker proceeds to send DNS queries to the DNS resolver, which forwards the Root/TLD authoritative DNS server request and awaits an answer.
- The attacker overloads the DNS with poisoned responses that contain several IP addresses of the malicious website. To be accepted by the DNS resolver, the attacker's response should match a port number and the query ID field before the DNS response. Also, the attackers can force its response to increasing their chance of success.
- If you are a legitimate user who queries this DNS resolver, you will get a poisoned response from the cache, and you will be automatically redirected to the malicious website.

Weaknesses of LM hashes include:
A). Passwords are converted to uppercase before hashing.
B). In older Windows systems, LM hashes were transmitted over the network, sometimes in plaintext (or easily intercepted).
D). Passwords are split into two 7-character chunks, which are hashed independently, reducing entropy.
From CEH v13 Courseware:
Module 6: Malware and Password Threats
Module 4: Windows Enumeration
Incorrect Option:
C: LM uses DES encryption with 56-bit keys (not 32-bit).
Reference:CEH v13 Study Guide - Module 6: Weaknesses in LM HashingMicrosoft Security Documentation
- LM Hashing Vulnerabilities
======

Comprehensive and Detailed Explanation:
Script Kiddies are individuals with minimal technical skills who use existing tools or scripts developed by others to perform attacks. They generally do not understand the underlying mechanisms and rely on publicly available hacking tools.
From CEH v13 Official Study Guide:
Module 1: Introduction to Ethical Hacking # Hacker Types
"Script kiddies are unskilled attackers who use tools created by others." Reference: CEH v13 Courseware - Hacker Classification
==

LM hashes are split into two 16-character halves (each representing 7-character blocks). If the original password is less than 8 characters, the second half of the LM hash will always be a constant:
"AAD3B435B51404EE"
This known value is used to pad the second half of the password, and it signals that the original password was
7 characters or fewer.
In the options:
B). 44EFCE164AB921CQAAD3B435B51404EE # ends with AAD3B435B51404EE # < 8 chars E). B757BF5C0D87772FAAD3B435B51404EE # also ends with AAD3B435B51404EE # < 8 chars From CEH v13 Official Courseware:
Module 6: Malware Threats # LM Hash Weaknesses
Reference:CEH v13 Study Guide - Module 6: Password Cracking # LM Hash Structure and Indicators
======

https://us-cert.cisa.gov/ncas/alerts/TA18-201A
Currently, Emotet uses five known spreader modules: NetPass.exe, WebBrowserPassView, Mail PassView, Outlook scraper, and a credential enumerator. Credential enumerator is a self-extracting RAR file containing two components: a bypass component and a service component. The bypass component is used for the enumeration of network resources and either finds writable share drives using Server Message Block (SMB) or tries to brute force user accounts, including the administrator account. Once an available system is found, Emotet writes the service component on the system, which writes Emotet onto the disk. Emotet's access to SMB can result in the infection of entire domains (servers and clients).