312-50V9 · Question #583
312-50V9 Question #583: Real Exam Question with Answer & Explanation
The correct answer is D: Hybrid Attack. A hybrid attack is fastest here because users under complexity requirements tend to construct passwords by appending numbers or symbols to familiar words, and hybrid attacks systematically apply exactly those mutations to dictionary candidates.
Question
Options
- AOnline Attack
- BDictionary Attack
- CBrute Force Attack
- DHybrid Attack
Explanation
A hybrid attack is fastest here because users under complexity requirements tend to construct passwords by appending numbers or symbols to familiar words, and hybrid attacks systematically apply exactly those mutations to dictionary candidates.
Common mistakes.
- A. An online attack submits guesses directly against the live authentication system, making it extremely slow and subject to account lockout policies that would halt the attempt quickly.
- B. A pure dictionary attack would fail against passwords that meet the 3-of-4 complexity rule because most plain dictionary words do not contain numbers or special characters.
- C. A brute force attack against passwords of 8 or more characters drawn from a mixed character set would require an impractically long time compared to a knowledge-guided hybrid approach.
Concept tested. Hybrid password cracking attack against complexity policies
Reference. https://learn.microsoft.com/en-us/windows-server/security/windows-authentication/passwords-overview
Community Discussion
No community discussion yet for this question.