The attacker copies the target's password file and then tries to crack passwords on his own system at a different location.

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

The attacker copies the target's password file and then tries to crack passwords on his own system at a different location.

Explanation:
Cracking passwords after copying the target’s password file is an offline attack. Here, the attacker steals the password file (or the password hashes) from the system and then does the cracking on their own computer at a different location, without interacting with the live login service. This approach lets them use substantial computing power, and often tools like rainbow tables or large wordlists, while avoiding direct contact with the target’s authentication system and the safeguards it would normally trigger (like failed login counters or account lockouts). Online attacks, in contrast, involve attempting passwords directly against the target’s login service, which can alert monitoring systems and trigger lockouts. Active attacks refer to actively manipulating systems or data to achieve access, and non-electronic attacks are non-digital methods. So the described scenario fits an offline attack.

Cracking passwords after copying the target’s password file is an offline attack. Here, the attacker steals the password file (or the password hashes) from the system and then does the cracking on their own computer at a different location, without interacting with the live login service. This approach lets them use substantial computing power, and often tools like rainbow tables or large wordlists, while avoiding direct contact with the target’s authentication system and the safeguards it would normally trigger (like failed login counters or account lockouts).

Online attacks, in contrast, involve attempting passwords directly against the target’s login service, which can alert monitoring systems and trigger lockouts. Active attacks refer to actively manipulating systems or data to achieve access, and non-electronic attacks are non-digital methods. So the described scenario fits an offline attack.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy