EC-Council

312-50V11 Question #45: Real Exam Question with Answer & Explanation

The correct answer is B: The password file does not contain the passwords themselves. On modern Linux systems, /etc/passwd stores user account metadata but actual password hashes are stored in /etc/shadow, making the passwd file useless for direct password recovery.

Question

A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?

Options

  • A. The file reveals the passwords to the root user only.
  • B. The password file does not contain the passwords themselves.
  • C. He cannot read it because it is encrypted.
  • D. He can open it and read the user ids and corresponding passwords.

Explanation

On modern Linux systems, /etc/passwd stores user account metadata but actual password hashes are stored in /etc/shadow, making the passwd file useless for direct password recovery.

Common mistakes.

  • A. The /etc/passwd file does not reveal passwords for any user including root - it only stores a placeholder 'x' in the password field for all accounts.
  • C. The /etc/passwd file is not encrypted; it is a plaintext file readable by all users, but it simply does not contain password data.
  • D. While /etc/passwd does contain user IDs, it does not contain corresponding passwords - those are stored in /etc/shadow with restricted permissions.

Concept tested. Linux shadow password file security

Reference. https://man7.org/linux/man-pages/man5/passwd.5.html
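The explanation above can be checked on a host by auditing the second field of every passwd(5) entry. The following is an added example, not part of the original question or its reference: the function names, status labels and the sample file contents are constructed for illustration.

```python
# Added example: classify the password field of passwd(5) entries so that
# accounts which do NOT follow the shadow layout stand out in an audit.
from typing import NamedTuple

# Constructed sample, not taken from a real host. The "hash" is a placeholder.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
legacy:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
broken:x:1003
"""

class Finding(NamedTuple):
    user: str
    status: str

def classify(pw_field: str) -> str:
    """Map the second passwd field to a status label (labels are ours)."""
    if pw_field == "x":
        return "shadowed"          # hash is kept in /etc/shadow
    if pw_field == "":
        return "empty-password"    # no password required to authenticate
    if pw_field[0] in "*!":
        return "locked"            # cannot match any valid hash
    return "hash-in-passwd"        # hash exposed in a world-readable file

def audit_passwd(text: str) -> list:
    """Return one Finding per non-blank line of passwd-formatted text."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:       # passwd(5) defines exactly seven fields
            findings.append(Finding(fields[0], "malformed"))
            continue
        findings.append(Finding(fields[0], classify(fields[1])))
    return findings

def needs_attention(text: str) -> list:
    """Entries an administrator should fix: anything not shadowed or locked."""
    return [f for f in audit_passwd(text)
            if f.status not in ("shadowed", "locked")]

if __name__ == "__main__":
    for finding in audit_passwd(SAMPLE_PASSWD):
        print(f"{finding.user:8} {finding.status}")
```

On a correctly configured modern system every login account reports `shadowed`, which is exactly why the stolen file yields no password material.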
