Which of the following password attacks uses preconfigured matrices of hashed dictionary words? (correct answer)

Password attacks attempt to discover, or bypass, passwords used for authentication on systems and networks, and for different types of files. Some password attacks are sophisticated cryptographic attacks, while others are rather simple brute force attacks. If you’re planning to take the SY0-601 version of the Security+ exam, you should understand potential indicators to determine the type of attack.

For example, can you answer this question?

Q. While reviewing logs on a web server hosted by your organization, you notice multiple logon failures to an FTP account, but they’re only happening about once every 30 minutes. You also see that the same password is being tried against the SSH account right after the FTP account logon failure. What BEST describes what is happening?

A. Brute force attack

B. Dictionary attack

C. Plaintext attack

D. Spraying attack

More importantly, do you know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.

Full Security+ Course

SY0-601 Full Security+ Course

Helping you Pass the First Time

This course includes all of the multiple-choice practice test questions, performance-based questions, audio, and flashcards from the but adds the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide within an online course.

Test your readiness with these quality materials

Here’s what you get

All of the content from the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide

Random 75-question tests

Random practice tests drawn from all of the practice test questions in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. All questions include explanations so you’ll know why the correct answers are correct, and why the incorrect answers are incorrect.

Performance-based Questions

These questions show you what you can expect in the live exam. They include drag and drop, matching, sorting, and fill in the blank questions.

Online Flashcard Set

  • Online Security+ Remember This Slide from the popular CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide
  • Online Security+ Question and Answer Flashcards organized by domain
  • Online Security+ Acronyms Flashcards

Audio – SY0-601 Security+ Remember This Audio Files

Learn by Listening (MP3 downloads.)

Audio – SY0-601 Security+ Question and Answer Audio Files

Learn by Listening (MP3 downloads.)

Bonus #1

The same set of questions organized by domain including questions in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide plus extra practice test questions.

Bonus #2

Audio from the end of chapter reviews from each of the chapters in the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide.

Bonus #3 

Access to all of the online content that is available for free to anyone that purchases the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide. This includes labs, extra practice test questions, and supplementary materials.

Bonus #4 

Extended access. Access the study materials for a total of 60 days because sometimes life happens.

Bonus #5 

10% off Voucher Code. Access to a coupon code that will give you 10% off your exam voucher. At the current price of $370 USD for the Security+ voucher, this can save you $37.

Get the SY0-601 Full Security+ Course Here

An online password attack attempts to discover a password from an online system. For example, an attacker can try to log on to an account by repeatedly guessing the username and password. Many tools are available that attackers can use to automate the process. For example, ncrack is a free tool that can be used to run online brute force password attacks.

Offline password attacks attempt to discover passwords from a captured database or captured packet scan. For example, when attackers hack into a system or network causing a data breach, they can download entire databases. They then perform offline attacks to discover the passwords contained within these downloaded databases.

A primary indicator of online password attacks can be found in system logs that record successful and unsuccessful logons. These logs will show repeated attempts to guess passwords. In Windows systems, this is recorded as Event ID 4625 in the Security log available in Event Viewer. If the attacker enters the wrong password too many times, the system will lock the user account. This is recorded as Event ID 4740. The online labs show you how to create a custom filter to view these events.
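As an added example (not from the study guide or its labs), the following Python separates the two indicator patterns those logs show: a lockout-triggering burst against one account versus the slow, many-account pattern of the practice question above. It runs over constructed Event ID 4625 records reduced to timestamp, account and source address; the thresholds are assumptions to be tuned to your own lockout policy.

```python
from collections import defaultdict
from datetime import datetime

# Constructed Event ID 4625 (logon failure) records, reduced to
# "<timestamp> <target account> <source address>"; not real log data.
SAMPLE_4625 = """\
2024-05-01T08:00:00 alice 203.0.113.7
2024-05-01T08:00:01 alice 203.0.113.7
2024-05-01T08:00:02 alice 203.0.113.7
2024-05-01T08:00:03 alice 203.0.113.7
2024-05-01T08:00:04 alice 203.0.113.7
2024-05-01T09:00:00 bob 198.51.100.9
2024-05-01T09:30:00 carol 198.51.100.9
2024-05-01T10:00:00 dave 198.51.100.9
2024-05-01T10:30:00 erin 198.51.100.9
2024-05-01T12:00:00 alice 192.0.2.5
"""

def parse(records: str):
    """Yield (datetime, account, source) tuples from the constructed format."""
    for line in records.splitlines():
        ts, account, source = line.split()
        yield datetime.fromisoformat(ts), account, source

def classify(records: str, lockout_threshold: int = 5, window_s: int = 60,
             spray_min_accounts: int = 3) -> dict:
    """Label each source address 'brute_force', 'spraying' or 'benign'.

    brute_force: one account fails lockout_threshold times within window_s
                 seconds, the burst that also produces an Event ID 4740 lockout.
    spraying:    spray_min_accounts or more distinct accounts from one source,
                 none reaching the lockout threshold (the slow, wide pattern
                 in the practice question above).
    """
    by_source = defaultdict(list)
    for ts, account, source in parse(records):
        by_source[source].append((ts, account))
    labels = {}
    for source, events in by_source.items():
        per_account = defaultdict(list)
        for ts, account in sorted(events):
            per_account[account].append(ts)
        burst = any(
            (times[i + lockout_threshold - 1] - times[i]).total_seconds() <= window_s
            for times in per_account.values()
            for i in range(len(times) - lockout_threshold + 1)
        )
        wide_and_low = (len(per_account) >= spray_min_accounts and
                        max(len(t) for t in per_account.values()) < lockout_threshold)
        labels[source] = "brute_force" if burst else "spraying" if wide_and_low else "benign"
    return labels
```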

Birthday Attacks

A birthday attack is named after the birthday paradox in mathematical probability theory. The birthday paradox states that for any random group of 23 people, there is a 50 percent chance that 2 of them have the same birthday. This is not the same year, but instead one of the 366 days in a year, including February 29.

In a birthday attack, an attacker attempts to create a password that produces the same hash as the user’s actual password. This is also known as a hash collision, as described earlier. Using the knowledge of the birthday paradox, the attacker doesn’t need to guess every possible password before discovering a collision. If the password could only be one of 366 possibilities, the attacker has a 50 percent chance of guessing it after only 23 attempts. Birthday attacks on hashes are thwarted by increasing the number of bits used in the hash to increase the number of possible hashes. For example, the MD5 algorithm uses 128 bits and is susceptible to birthday attacks. SHA-3 can use as many as 512 bits and is not susceptible to birthday attacks.
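The 366-day calculation above, carried through as an added Python example (not from the study guide): the exact collision probability, the smallest group size that reaches 50 percent, and the closed-form estimate of how the same bound scales with the hash length in bits.

```python
import math

def collision_probability(n: int, space: int) -> float:
    """Exact probability that n values drawn uniformly from `space`
    possibilities contain at least one repeat (the birthday paradox)."""
    p_all_distinct = 1.0
    for k in range(n):
        p_all_distinct *= (space - k) / space
    return 1.0 - p_all_distinct

def draws_for_half_chance(space: int) -> int:
    """Smallest n for which a repeat is at least 50% likely, found by exact
    search (feasible for 366 birthdays, not for a 128-bit hash space)."""
    n = 1
    while collision_probability(n, space) < 0.5:
        n += 1
    return n

def log2_birthday_work(hash_bits: int) -> float:
    """log2 of the number of hash evaluations needed for a 50% collision
    chance, from the closed form n ~= sqrt(2 ln 2 * 2^bits), i.e. about
    2^(bits/2). Doubling the hash length squares the attacker's work, which
    is why a longer digest is the defence the text describes."""
    return hash_bits / 2 + 0.5 * math.log2(2 * math.log(2))
```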

Rainbow Table Attacks

Rainbow table attacks are a type of attack that attempts to discover the password from the hash. A rainbow table is a huge database of possible passwords with the precomputed hashes for each. It helps to look at the process of how some password cracker applications discover passwords without a rainbow table. Assume that an attacker has the hash of a password. The application can use the following steps to discover the password that matches the hash:

  1. The application guesses a password (or uses a password from a dictionary).
  2. The application hashes the guessed password.
  3. The application compares the original password hash with the guessed password hash. If they are the same, the application now knows the password.
  4. If they aren’t the same, the application repeats steps 1 through 3 until finding a match.

From a computing perspective, the most time-consuming part of these steps is hashing the guessed password in step 2. However, by using rainbow tables, applications eliminate this step. Rainbow tables are huge databases of passwords and their calculated hashes. Some rainbow tables are as large as 690 GB in size, and they include hashes for every possible combination of characters up to nine characters in length. Larger rainbow tables are also available using more characters.

Rainbow table attacks are often performed offline on stolen or compromised databases. In a rainbow table attack, the application simply compares the hash of each password in the database against hashes stored in the rainbow table. When the application finds a match, it identifies the password used to create the hash (or at least text that can reproduce the hash of the original password). Admittedly, this is a simplistic explanation of a rainbow table attack, but it is adequate unless you plan on writing an algorithm to create your own rainbow table attack software.

Security+ (SY0-601) Practice Test Questions

SY0-601 Practice Test Questions 

Over 385 realistic Security+ practice test questions

At least 10 performance-based questions

All questions include explanations so you’ll know why the correct answers are correct, and why the incorrect answers are incorrect.

Upgrade Your Resume with the Security+ New Version

Multiple quiz formats to let you use these questions based on the way you learn.

  • Learn mode – randomized. View each of the questions in random order. Learn mode allows you to keep selecting answers until you select the correct answer. Once you select the correct answer, you’ll see the explanation. Click here to see how learn mode works.
  • Test mode – randomized. View each of the questions in random order. In test mode, you can only see the correct answers and explanations after you complete the test. Click here to see how test mode works.
  • Test mode – 75 random questions. View 75 random questions from the full test bank similar to how the Security+ exam has a potential maximum of 75 multiple choice questions.

Pass the First Time You Take It

Get the full bank of SY0-601 Practice Test Questions Here

Click here if you’re looking for SY0-501 Online Study Package

Salting Passwords

Salting passwords is a common method of preventing rainbow table attacks, along with other password attacks such as brute force and dictionary attacks. A salt is a set of random data such as two additional characters. Password salting adds these additional characters to a password before hashing it. These additional characters add complexity to the password, and result in a different hash than the system would create using only the original password. This causes password attacks that compare hashes with a rainbow table to fail.
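An added Python example, not from the study guide, covering both the four-step cracking loop from the rainbow table section and the salting paragraph above. A plain dictionary of precomputed SHA-256 hashes stands in for a rainbow table (a real one compresses the table with hash chains), and the word list and per-user salts are constructed values.

```python
import hashlib

# Constructed word list standing in for the dictionary a precomputed table is built from.
WORDLIST = ["password", "letmein", "qwerty", "dragon", "IL0ve$ecurity", "welcome1"]
# Constructed per-user salts; a real system draws these from os.urandom().
SALT_ALICE = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
SALT_BOB = bytes.fromhex("00112233445566778899aabbccddeeff")

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_table(words) -> dict:
    """Steps 1-2 done once, ahead of time: hash every candidate and index by hash.
    (A real rainbow table compresses this with hash chains; a dict shows the idea.)"""
    return {sha256_hex(w.encode()): w for w in words}

def table_lookup(table: dict, stolen_hash: str):
    """Step 3 only: no hashing per guess, just a lookup; None means no match."""
    return table.get(stolen_hash)

def store_unsalted(password: str) -> str:
    return sha256_hex(password.encode())

def store_salted(password: str, salt: bytes) -> str:
    """hash(salt || password); the salt is kept beside the hash and is not secret."""
    return sha256_hex(salt + password.encode())

def demo():
    """Same password stored two ways; returns (unsalted hit, salted hit, salts_differ)."""
    table = build_table(WORDLIST)
    unsalted_hit = table_lookup(table, store_unsalted("IL0ve$ecurity"))
    salted_hit = table_lookup(table, store_salted("IL0ve$ecurity", SALT_ALICE))
    # Two users with the same password get different stored hashes, so one
    # precomputed table cannot serve every account in a stolen database.
    salts_differ = (store_salted("IL0ve$ecurity", SALT_ALICE)
                    != store_salted("IL0ve$ecurity", SALT_BOB))
    return unsalted_hit, salted_hit, salts_differ
```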

Key Stretching

Key stretching is an advanced technique used to increase the strength of stored passwords. Instead of just adding a salt to the password before hashing it, key stretching applies a cryptographic stretching algorithm to the salted password. The benefit of key stretching is that it consumes more time and computing resources, frustrating attackers who are trying to guess passwords.

Three common key stretching techniques are bcrypt, Password-Based Key Derivation Function 2 (PBKDF2), and Argon2.

Bcrypt is based on the Blowfish block cipher and is used on many Unix and Linux distributions to protect the passwords stored in the shadow password file. Bcrypt salts the password by adding additional random bits before encrypting it with Blowfish. Bcrypt can go through this process multiple times to further protect against attempts to discover the password. The result is a 60-character string.

As an example, if your password is IL0ve$ecurity, an application can encrypt it with bcrypt and a salt. It might look like this, which the application stores in a database:

$2b$12$HXIKtJr93DH59BzzKQhehOI9pGjRA/03ENcFRby1jH7nXwt1Tn0kG

Later, when a user authenticates with a username and password, the application runs bcrypt on the supplied password and compares it with the stored bcrypt-encrypted password. If the bcrypt result of the supplied password is the same as the stored bcrypt result, the user is authenticated.

As an added measure, it’s possible to add some pepper to the salt to further randomize the bcrypt string. In this context, the pepper is another set of random bits stored elsewhere.

PBKDF2 uses salts of at least 64 bits and uses a pseudo-random function such as HMAC to protect passwords. Many algorithms such as Wi-Fi Protected Access II (WPA2), Apple’s iOS mobile operating system, and Cisco operating systems use PBKDF2 to increase the security of passwords. Some applications send the password through the PBKDF2 process as many as 1,000,000 times to create the hash. The size of the resulting hash varies with PBKDF2 depending on how it is implemented. Bit sizes of 128 bits, 256 bits, and 512 bits are most common.

A weakness with PBKDF2 is that it can be configured to use less computing time and less RAM. While this may seem beneficial to users, it also makes it easier for attackers, allowing them to guess many passwords in a short amount of time.
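An added example (not from the study guide) of the store-and-verify flow described for bcrypt above, written against PBKDF2-HMAC-SHA256 from Python's standard library so it runs without a third-party package. The iteration-count policy values are assumptions, and the needs_rehash check addresses the low-cost configuration weakness just described.

```python
import hashlib
import hmac
import os
from typing import Optional

# Policy values assumed for this example, not taken from the study guide.
ITERATIONS = 600_000      # work factor applied to newly stored passwords
MIN_ITERATIONS = 100_000  # records below this are the cheap-to-attack configuration
SALT_BYTES = 16           # 128-bit salt, above the 64-bit minimum mentioned above

def hash_password(password: str, iterations: int = ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record 'pbkdf2_sha256$<iters>$<salt hex>$<hash hex>',
    analogous to the '$2b$12$...' bcrypt string: cost and salt travel with the hash."""
    salt = os.urandom(SALT_BYTES) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Re-run PBKDF2 with the stored salt and count, then compare in constant
    time so the comparison itself leaks nothing about how many bytes matched."""
    try:
        algo, iters, salt_hex, dk_hex = record.split("$")
    except ValueError:
        return False
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters), dklen=32)
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))

def needs_rehash(record: str, minimum: int = MIN_ITERATIONS) -> bool:
    """The weakness described above: PBKDF2 tuned for low cost is cheap for an
    attacker too. Flag such records so they are re-hashed at the next successful login."""
    return int(record.split("$")[1]) < minimum
```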

A Password Hashing Competition (PHC) in 2015 selected Argon2 as an alternative key stretching algorithm. Like bcrypt and PBKDF2, Argon2 uses a password and salt that is passed through an algorithm several times. Argon2 has been improved with each new version using a lowercase letter such as Argon2d and Argon2i.

CompTIA Security+ Study Guide

The 601 Version of the Study Guide

The CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide

is an update to the top-selling SY0-201, SY0-301, SY0-401, and SY0-501 study guides, which have helped thousands of readers pass the exam the first time they took it. It includes the same elements readers raved about in the previous four versions.

Each of the eleven chapters presents topics in an easy to understand manner and includes real-world examples of security principles in action.

You’ll understand the important and relevant security topics for the Security+ exam, without being overloaded with unnecessary details. Additionally, each chapter includes a comprehensive review section to help you focus on what’s important.

Over 300 realistic practice test questions with in-depth explanations will help you test your comprehension and readiness for the exam. The book includes:

  • A 75-question pre-test
  • A 75-question post-test
  • Practice test questions at the end of every chapter

Each practice test question includes a detailed explanation to help you understand the content and the reasoning behind the question. You’ll be ready to take and pass the exam the first time you take it.

If you plan to pursue any of the advanced security certifications, this guide will also help you lay a solid foundation of security knowledge. Learn this material, and you’ll be a step ahead for other exams. This SY0-601 study guide is for any IT or security professional interested in advancing in their field, and a must-read for anyone striving to master the basics of IT security.

Kindle edition also available.

Q. While reviewing logs on a web server hosted by your organization, you notice multiple logon failures to an FTP account, but they’re only happening about once every 30 minutes. You also see that the same password is being tried against the SSH account right after the FTP account logon failure. What BEST describes what is happening?

A. Brute force attack

B. Dictionary attack

C. Plaintext attack

D. Spraying attack

Answer is D. This indicates a password spraying attack. It loops through a list of accounts, guessing a password for one account at a time, and then guessing the same password for a different account.

In this scenario, the attack may be guessing passwords for other servers before it returns to the web server.

A brute force attack attempts to guess all possible character combinations for a password, and a dictionary attack uses a dictionary of words trying to discover the correct password.

A spraying attack could use either a brute force method or a dictionary method when guessing the password; however, these methods do not loop through a list of user accounts.

In a plaintext attack (also called a known plaintext attack), an attacker has samples of known plaintext and can use these samples to decrypt ciphertext that includes this plaintext.

See Chapter 10 of the CompTIA Security+: Get Certified Get Ahead: SY0-601 Study Guide for more information on implementing secure systems.

What are the three types of password attacks? Dictionary attack, Brute force attack, and hybrid attack.

Which of the following accurately describes what a protocol analyzer is used for? E. A device that measures the amount of data that can be transferred through a network or processed by a device.

Packet sniffing and port scanning are passive attacks. Active attacks are when perpetrators attempt to compromise or affect the operations of a system in some way. For example, trying to brute-force the root password on a web server is considered an active attack.

Explanation: While instant messaging applications offer a quick way to communicate, loss of productivity is considered one of the major problems with these applications.

In which password attack the program uses common words found in the dictionary and tries them as passwords?

Dictionary attack definition: “A type of brute force attack where an intruder attempts to crack a password-protected security system with a “dictionary list” of common words and phrases used by businesses and individuals.”

What attack attempts to guess passwords by using well known words or phrases?

A dictionary attack is an attempt to guess passwords by using well-known words or phrases. Since most passwords are chosen by users, it stands to reason that most passwords are or contain common words.

Which of the following are common types of password attacks?

Six Types of Password Attacks & How to Stop Them:

  • Phishing. Phishing is when a hacker posing as a trustworthy party sends you a fraudulent email, hoping you will reveal your personal information voluntarily.
  • Man-in-the-Middle Attack
  • Brute Force Attack
  • Dictionary Attack
  • Credential Stuffing
  • Keyloggers

What is the name of a common attack used to crack passwords of known usernames?

What's a Brute Force Attack? A brute force attack uses trial-and-error to guess login info, encryption keys, or find a hidden web page. Hackers work through all possible combinations hoping to guess correctly.
