Which technique compares passwords against a list of words and their hash values?


Multiple Choice

Which technique compares passwords against a list of words and their hash values?

Explanation:

This question tests how password cracking can exploit common weak choices by using a predefined list of candidate passwords. In a dictionary attack, the attacker uses a wordlist (a collection of common words, phrases, and their variations) and computes the hash of each word using the same hashing algorithm that protects the password. The attacker then compares those hashes to the target’s stored hash. If a match is found, the corresponding word is recovered as the password. This approach is fast when users choose simple, commonly used passwords, because those words are already in the list and the attacker does not need to try every possible character combination.

Brute-force attacks, in contrast, try many possible passwords in no particular order until one matches, which can be much slower. Rainbow tables involve precomputed hashes arranged in a different structure to speed up lookups but aren’t limited to simple word lists. A hash collision is two different inputs producing the same hash, which isn’t the mechanism described here. So the scenario is best described as a dictionary attack.
