312-50V13 · Question #115
312-50V13 Question #115: Real Exam Question with Answer & Explanation
The correct answer is A: Hardware, Software, and Sniffing.. To retrieve passwords from client hosts and servers during a penetration test, a consultant would employ various methods including hardware keyloggers, software keyloggers, and network sniffing.
Question
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers. Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?
Options
- AHardware, Software, and Sniffing.
- BHardware and Software Keyloggers.
- CPasswords are always best obtained using Hardware key loggers.
- DSoftware only, they are the most effective.
Explanation
To retrieve passwords from client hosts and servers during a penetration test, a consultant would employ various methods including hardware keyloggers, software keyloggers, and network sniffing.
Common mistakes.
- B. While hardware and software keyloggers are effective, this option omits network sniffing, which is another crucial method for password retrieval in many scenarios.
- C. This statement is false; passwords can be obtained through various means, and hardware keyloggers are not always the 'best' or most practical method in all situations, especially for remote systems.
- D. This statement is false; software keyloggers are effective, but they are not the only nor always the most effective method, as hardware keyloggers and network sniffing also play significant roles in password retrieval.
Concept tested. Password retrieval techniques
Topics
Community Discussion
No community discussion yet for this question.