312-50V10 Question #83: Real Exam Question with Answer & Explanation

The correct answer is A: Converts passwords to uppercase.. LM hashes have several well-documented cryptographic weaknesses that make them trivially crackable compared to modern hashing schemes. Three of the four choices correctly identify these weaknesses.

System Hacking

Question

Windows LAN Manager (LM) hashes are known to be weak. Which of the following are known weaknesses of LM? (Choose three)

Options

AConverts passwords to uppercase.
BHashes are sent in clear text over the network.
CMakes use of only 32 bit encryption.
DEffective length is 7 characters.

Explanation

LM hashes have several well-documented cryptographic weaknesses that make them trivially crackable compared to modern hashing schemes. Three of the four choices correctly identify these weaknesses.

Common mistakes.

C. LM uses 56-bit DES encryption, not 32-bit - the weakness is the short effective key length and the algorithm choice, but the bit width is 56, not 32.

Concept tested. LAN Manager hash cryptographic weaknesses

Reference. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-do-not-store-lan-manager-hash-value-on-next-password-change

Topics

#LM hashes#Windows authentication#password weaknesses#NTLM

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice