Which two statements are true regarding an attacker who is performing a "pass-the-hash" attack? (Choose two.)
A. The attacker knows the actual password.
B. The attacker does not know the actual password.
C. The attacker has control over the victim’s machine.
D. The attacker performs a brute-force computation of the hash.
