Password Cracking Techniques and Countermeasures Flashcards
Which of the following protocols employs a key distribution center (KDC) that consists of two logically distinct parts, an authentication server (AS) and a ticket-granting server (TGS), and uses “tickets” to prove a user’s identity?
Kerberos authentication: Microsoft has upgraded its default authentication protocol to Kerberos, which provides a stronger authentication for client/server applications than NTLM.
Which of the following protocols was upgraded as a default authentication protocol on Windows OS to provide stronger authentication for client/server applications?
Kerberos: Microsoft has upgraded its default authentication protocol to Kerberos which provides a stronger authentication for client/server applications than NTLM.
Which of the following is a default authentication scheme that performs authentication using a challenge/response strategy as it does not rely on any official protocol specification and has no guarantee to work effectively in every situation?
NTLM: NTLAN Manager (NTLM) is a default authentication scheme that performs authentication using a challenge/response strategy. Because it does not rely on any official protocol specification, there is no guarantee that it works effectively in every situation.
Don, a professional hacker, targeted Bob to steal the credentials of his bank account. Don lured Bob to install malicious software embedded with a keylogger. The keylogger installed on Bob’s machine recorded all of Bob’s keystrokes and transmitted them to Don. Using the keylogger, Don obtained the credentials of Bob’s bank account and performed illegal transactions on his account. Identify the type of attack Don has performed in the above scenario.
Active Online Attacks: Here, the attacker communicates with the target machine to gain password access. Techniques used to perform active online attacks include password guessing, dictionary and brute-forcing attacks, hash injection, LLMNR/NBT-NS poisoning, use of Trojans/spyware/keyloggers, internal monologue attacks, Markov-chain attacks, Kerberos password cracking, etc.
Identify the password cracking tool that helps attackers to gain unauthorized access to the system or network.
THC-Hydra: THC Hydra is a parallelized login cracker that can attack numerous protocols. This tool is a proof-of-concept code that provides researchers and security consultants the possibility to demonstrate how easy it would be to gain unauthorized remote access to a system.
Malcolm, a professional hacker, is attempting to access an organization’s systems remotely. For this purpose, he used a tool to recover the passwords of the target system and gain unauthorized access to critical files and other system software. Identify the tool used by Malcolm to crack the passwords of the target system.
hashcat: Hashcat is a cracker compatible with multiple OSs and platforms and can perform multi-hash (MD4, 5; SHA – 224, 256, 384, 512; RIPEMD-160; etc.), multi-device password cracking.
Teena, a security professional, has recently joined the company, and she has been trained in various security practices to be followed to protect passwords from being compromised. While implementing the security practices, she notices that a system is susceptible to password cracking attacks. Identify the practice noticed by Teena that can lead to password cracking attacks.
Allow the storing of passwords in an unsecured location.
Which of the following countermeasures should be followed to protect against password cracking?
Do not use passwords that can be found in a dictionary
Meghan, a professional hacker, was trying to gain unauthorized access to the admin-level system of the target organization. To hack the passwords used by admins, she employed various password cracking techniques such as internal monologue attack, Markov-chain attack, Kerberos password cracking, and LLMNR/NBT-NS poisoning.
Active Online Attacks: This is one of the easiest ways to gain unauthorized administrator-level system access. Here, the attacker communicates with the target machine to gain password access. Techniques used to perform active online attacks include password guessing, dictionary and brute-forcing attacks, hash injection, LLMNR/NBT-NS poisoning, use of Trojans/spyware/keyloggers, internal monologue attacks, Markov-chain attacks, Kerberos password cracking, etc.
Which of the following technique is a brute-force attack on encryption where all possible keys are tested in an attempt to recover the plaintext used to produce a particular ciphertext?
Cryptanalysis: the art or process of deciphering coded messages without being told the key.
