A security consultant was hired to audit a company's password are account policy. The company implements the following controls: Minimum password length: 16 Maximum password age: 0 Minimum password age: 0 Password complexity: disabled Store passwords in plain text: disabled Failed attempts lockout: 3 Lockout timeout: 1 hour The password database uses salted hashes and PBKDF2. Which of the following is MOST likely to yield the greatest number of plain text passwords in the shortest amount of time?
A) Offline hybrid dictionary attack
B) Offline brute-force attack
C) Online hybrid dictionary password spraying attack
D) Rainbow table attack
E) Online brute-force attack
F) Pass-the-hash attack

Question

Quizplus · Accepted Answer

The Answer of A security consultant was hired to audit a company's password are account policy. The company implements the following controls: Minimum password length: 16 Maximum password age: 0 Minimum password age: 0 Password complexity: disabled Store passwords in plain text: disabled Failed attempts lockout: 3 Lockout timeout: 1 hour The password database uses salted hashes and PBKDF2. Which of the following is MOST likely to yield the greatest number of plain text passwords in the shortest amount of time?
A) Offline hybrid dictionary attack
B) Offline brute-force attack
C) Online hybrid dictionary password spraying attack
D) Rainbow table attack
E) Online brute-force attack
F) Pass-the-hash attack

A Security Consultant Was Hired to Audit a Company's Password