CERTIVIEW

Wednesday, 10 August 2016

CEH v9 Question of the Week: Password Attack Method

CEH-v9-QOWGreenKelly is a network security officer for a large state-run agency in California. Kelly is asked by the IT manager of another state agency to perform a security audit on their network. This audit she is asked to perform is an external audit. The IT manager thought that Kelly would be a great candidate for this task since she does not work for this other agency and is an accomplished IT auditor. The first task that she is asked to perform is an attempt to crack user passwords. Since Kelly knows that all state agency passwords must abide by the same password policy, she believes she can finish this particular task quickly.

What is the best password attack method for Kelly to use in this situation?

A. Kelly can produce the best and fastest results if she uses a dictionary attack.
B. A hyberfil-based password attack is the best method of password cracking in this scenario.
C. She should utilize the reverse-encryption password cracking technique since she knows the password policy.
D. Kelly should use a rule-based attack on the agency’s user passwords.

Reveal Answer

The correct answer is D.

This attack is used when the attacker or security auditor has some information about the password. This is more powerful attack than the dictionary and brute-force attacks, because the attacker or security auditor knows the password type. For example, if the attacker or security auditor knows that the password contains a two- or three-digit number, he or she will use some specific techniques to extract the password quickly.

 

Related Course
Certified Ethical Hacker v9

CEH v9 Question of the Week Series

  • CEH v9 Question of the Week: Retina Scanners
  • CEH v9 Question of the Week: Employee Behavior
  • CEH v9 Question of the Week: CVE-2007-2447
  • CEH v9 Question of the Week: SQL Injection
  • CEH v9 Question of the Week: Web Application Penetration Testing
  • CEH v9 Question of the Week: iptables
  • CEH v9 Question of the Week: Examine Streams of Packets
  • CEH v9 Question of the Week: Scans
  • CEH v9 Question of the Week: SQL Injection
  • CEH v9 Question of the Week: Standard Risk Assessment
  • CEH v9 Question of the Week: Penetration Testing
  • CEH v9 Question of the Week: SMB Over TCP/IP
  • CEH v9 Question of the Week: Block Cipher
  • CEH v9 Question of the Week: Prevent Future DoS Attacks
  • CEH v9 Question of the Week: Same MAC Address
  • CEH v9 Question of the Week: XSS Scripting
  • CEH v9 Question of the Week: Sniff a Switched Network
  • CEH v9 Question of the Week: TCP/IP Session Hijacking
  • CEH v9 Question of the Week: Firewall Traffic
  • CEH v9 Question of the Week: Full TCP connection
  • CEH v9 Question of the Week: Password Cracking Tool
  • CEH v9 Question of the Week: Social Engineering Attack
  • CEH v9 Question of the Week: Password Attack Method


from
CERTIVIEW
Posted by Unknown at 05:16
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Labels: certification, CERTIVIEW, course, elearning, Global Knowledge Training Blog, IT, online test, Security

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Blog Archive

  • ►  2017 (143)
    • ►  March (19)
    • ►  February (55)
    • ►  January (69)
  • ▼  2016 (1230)
    • ►  December (46)
    • ►  November (61)
    • ►  October (65)
    • ►  September (66)
    • ▼  August (75)
      • Google Apps Now Prefers Okta for Businesses
      • Security+ Question of the Week: BYOD Compliance
      • Best IT Trainer Certifications For 2017
      • Best Time and Attendance Software
      • Windows 10 Professional vs. Enterprise: What's Bes...
      • Two Great Security Features of VMware’s NSX Networ...
      • What is a Mobile Rootkit?
      • Businesses Can Legally Operate Drones Now
      • CCNA Collaboration Question of the Week: Cisco Tel...
      • Beware of Ransomware: A Security Alert for Your Em...
      • Tech Professionals in Finance, Healthcare Earn More
      • Best Hosted VoIP Solutions for Business
      • CCNP Data Center Question of the Week: Layer 3 Card
      • Microsoft Offers VMWare Switchers Free Windows Ser...
      • Best Microsoft Word Add-Ons for IT Professionals
      • Soft Skills Your Boss Cares About
      • Security+ Question of the Week: NoSQL vs. SQL Data...
      • Best Employee Mobile Device Policies Share These F...
      • How to Create Phone Trees for Business Phone Systems
      • Apple macOS Sierra: The Big IT Updates
      • Best Unified Communications Certifications For 2017
      • Teradata Certification Guide: Overview and Career ...
      • The Other Network: Why Personal and Professional M...
      • CCNA Collaboration Question of the Week: Cisco Tel...
      • What is Ransomware?
      • Microsoft Brings PowerShell to Linux and Mac
      • Best Lenovo Laptops for Business
      • CCNP Data Center Question of the Week: Cisco Nexus...
      • Help Desk Institute (HDI) Certification Guide: Ove...
      • SOTI MobiControl v13 Mobile Device Management Review
      • Google Chrome OS for Work: What You Need to Know
      • How To Set Up And Configure DNS On Windows Server ...
      • Building a Business Case for a Cloud Monitoring So...
      • Security+ Question of the Week: Dismiss Alarms
      • Goodbye Patch Tuesday: Windows 7, 8.1 Patches Go M...
      • Azure RemoteApp is Dead. Long Live XenApp Express
      • IT Training vs Certifications: What's the Difference?
      • Best Free Software Defined Networking (SDN) Traini...
      • Best Free Project Management Training Materials fo...
      • Why VPNs Are Essential for Small Businesses
      • CCNA Collaboration Question of the Week: Cisco Vid...
      • Microsoft Extends Support Deadline for Intel Skylake
      • Business Phone Services: Best Picks and Buying Guide
      • CCNP Data Center Question of the Week: Scalability...
      • Best IT Jokes. Ever.
      • Video Series from MVA Could Help You Ace Your MS C...
      • Six Sigma Certification Guide: Overview and Career...
      • Delta's Virtual Crash and How to Avoid Your Own
      • CEH v9 Question of the Week: Password Attack Method
      • What is Microsoft Azure Stack?
      • Scrum.org Certification Guide: Overview and Career...
      • Windows 10 For IT Pros: Tutorials, Tips & Tricks
      • How to Become a Network Architect
      • How to Join Windows Server 2016 to an Active Direc...
      • Free Microsoft Azure Online Training
      • Docker Container: What It Is and Why It's Important
      • CCNA Collaboration Question of the Week: Lighting ...
      • Is Biometrics the Future of BYOD Security?
      • Avaya Certification Guide: Overview and Career Paths
      • CCNP Data Center Question of the Week: Cisco Fabri...
      • How to Deploy a Windows Server 2016 Server as an A...
      • Prepping for the PMP Exam? It’s Just Another Project
      • 13 Free InfoSec Training Resources For IT Pros
      • 10 Best New Features in Windows Server 2016
      • About Us
      • Dropbox AdminX: 5 Things to Know About Team Folders
      • 10 Free AWS Online Training Resources for IT Pros
      • CEH v9 Question of the Week: Social Engineering At...
      • MS Press Releases Free Windows 10 E-Book for Anniv...
      • How To Become A CIO Or CTO
      • Tresorit Encrypted Cloud Storage: What You Need to...
      • IT Departments Must Humanize to Prevent Errors
      • Inside the EMM Decision: One Company's Tale
      • What Are Mobile Botnets?
      • CCNA Collaboration Question of the Week: Cisco Tel...
    • ►  July (39)
    • ►  June (71)
    • ►  May (68)
    • ►  April (175)
    • ►  March (201)
    • ►  February (199)
    • ►  January (164)
  • ►  2015 (947)
    • ►  December (190)
    • ►  November (248)
    • ►  October (291)
    • ►  September (218)

About Me

Unknown
View my complete profile
Simple theme. Powered by Blogger.