nerdexam
EC-Council

312-50V10 · Question #157

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the

The correct answer is D. Dictionary-attack. The student is using a predefined list of commonly used passwords to crack a PDF, which is the defining characteristic of a dictionary attack. A brute-force attack differs by trying every possible character combination rather than a curated wordlist.

System Hacking

Question

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted. Which cryptography attack is the student attempting?

Options

  • AMan-in-the-middle attack
  • BSession hijacking
  • CBrute-force attack
  • DDictionary-attack

How the community answered

(45 responses)
  • A
    4% (2)
  • B
    2% (1)
  • C
    2% (1)
  • D
    91% (41)

Why each option

The student is using a predefined list of commonly used passwords to crack a PDF, which is the defining characteristic of a dictionary attack. A brute-force attack differs by trying every possible character combination rather than a curated wordlist.

AMan-in-the-middle attack

A man-in-the-middle attack intercepts live communication between two parties and does not involve attempting to crack a static document's encryption password.

BSession hijacking

Session hijacking involves stealing or forging an authenticated session token in a live network session, not attacking the encryption of an offline document.

CBrute-force attack

A brute-force attack systematically tries every possible character combination without a predefined list, whereas using a specific wordlist of common passwords defines a dictionary attack.

DDictionary-attackCorrect

A dictionary attack uses a precompiled list of likely or commonly used passwords to attempt authentication against a target. Unlike brute-force, it does not enumerate every possible combination but relies on the statistical likelihood that users choose predictable passwords. The student's explicit use of 'a list of commonly used passwords' precisely matches this definition.

Concept tested: Dictionary attack versus brute-force cryptography

Source: https://csrc.nist.gov/glossary/term/dictionary_attack

Topics

#dictionary attack#password cracking#wordlist attack#PDF security

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice