nerdexam
EC-Council

312-50V11 · Question #676

When discussing passwords, what is considered a brute force attack?

The correct answer is A. You attempt every single possibility until you exhaust all possible combinations or discover the. A brute force attack exhaustively tries every possible character combination until the correct password is found or all possibilities are eliminated.

System Hacking

Question

When discussing passwords, what is considered a brute force attack?

Options

  • AYou attempt every single possibility until you exhaust all possible combinations or discover the
  • BYou threaten to use the rubber hose on someone unless they reveal their password
  • CYou load a dictionary of words into your cracking program
  • DYou create hashes of a large number of words and compare it with the encrypted passwords
  • EYou wait until the password expires

How the community answered

(40 responses)
  • A
    88% (35)
  • C
    3% (1)
  • D
    3% (1)
  • E
    8% (3)

Why each option

A brute force attack exhaustively tries every possible character combination until the correct password is found or all possibilities are eliminated.

AYou attempt every single possibility until you exhaust all possible combinations or discover theCorrect

A brute force attack is defined by its systematic, exhaustive enumeration - it attempts every possible combination of characters up to a given length with no reliance on wordlists or precomputed data. Unlike dictionary or rainbow table attacks, it requires no prior knowledge of the password and is theoretically guaranteed to succeed given sufficient time and computational resources.

BYou threaten to use the rubber hose on someone unless they reveal their password

Threatening or inflicting physical harm to coerce a password is called a rubber hose attack, which is a social engineering and coercion technique, not a cryptographic brute force method.

CYou load a dictionary of words into your cracking program

Loading a list of words into a cracking program describes a dictionary attack, which uses probable passwords rather than exhaustive enumeration of all combinations.

DYou create hashes of a large number of words and compare it with the encrypted passwords

Pre-computing hashes and comparing them to stored password hashes describes a rainbow table attack, which trades disk storage for faster cracking speed.

EYou wait until the password expires

Waiting for a password to expire is a passive tactic with no active attempt to discover or crack the password.

Concept tested: Brute force password attack definition and classification

Source: https://owasp.org/www-community/attacks/Brute_force_attack

Topics

#brute force attack#password cracking#exhaustive search#authentication attacks

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice