ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 208 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 208
Topic #: 1
[All 312-50v12 Questions]

As a certified ethical hacker, you are performing a system hacking process for a company that is suspicious about its security system. You found that the company’s passwords are all known words, but not in the dictionary. You know that one employee always changes the password by just adding some numbers to the old password. Which attack is most likely to succeed in this scenario?

  • A. Brute-Force Attack
  • B. Password Spraying Attack
  • C. Hybrid Attack
  • D. Rule-based Attack
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
agelbahri
1 month, 3 weeks ago
Selected Answer: C
A Hybrid Attack can adapt and incorporate a range of possible modifications (like appending any number from 0–9999), which covers the broader password modification habits described in this scenario. This adaptability makes it the more suitable and successful approach here. In short, while Rule-Based Attacks are precise, Hybrid Attacks are more flexible and effective for cracking passwords with variable patterns
upvoted 1 times
...
blehbleh
5 months, 1 week ago
Selected Answer: D
Pretty sure this is D. It seems that individuals are over looking the fact that the words are not in the dictionary which is crazy because its literally stated in there. Therefore it should be D.
upvoted 1 times
...
Binx
9 months ago
if the password is explicitly stated as not being in the dictionary, a standard hybrid attack might not be as effective, because it relies on a combination of dictionary words and brute-force techniques. Given this scenario, the most appropriate answer would likely be: D. Rule-based Attack
upvoted 1 times
...
7d8c2c7
9 months ago
C. Hybrid Attack CEH v12 Page 604 ybrid Attack This type of attack depends on the dictionary attack. Often, people change their passwords merely by adding some numbers to their old passwords. In this case, the program would add some numbers and symbols to the words from the dictionary to try to crack the password. For example, if the old password is “system,” then there is a chance that the person will change it to “system1” or “system2.”
upvoted 2 times
...
GK2205
9 months, 3 weeks ago
Selected Answer: D
Attackers use rule-based attacks when they have some knowledge of the passwords and see evidence of simple salts and peppers like "123" at the end of the password. This question is garbage in terms of it's wording, but does combine the two fundamental concepts of rule-based.
upvoted 1 times
...
g_man_rap
1 year ago
D. Rule-based Attack Rule-based attacks are a sophisticated form of brute-force/dictionary attacks where the attacker defines complex rules based on typical user behavior of password creation (like replacing 'o' with '0', adding years at the end, etc.). This can be highly effective if you understand the common modifications users make to base words in their passwords.
upvoted 1 times
...
qtygbapjpesdayazko
1 year, 1 month ago
Selected Answer: C
C. Hybrid Attack Key word Often, people change their passwords merely by adding some numbers to their old passwords.
upvoted 1 times
Lalo
1 year, 1 month ago
answer dddddddddddddddddddddddd A hybrid attack combines elements of a dictionary attack with specific rules, such as adding numbers or symbols to the ends of dictionary words. In theory, this type of attack could fit well with the pattern observed in this employee's password changes, since it is based on predefined rules. However, the reason answer C is not selected as the most likely option in this scenario is because, given the information provided, there is no mention of employees using dictionary words as the basis for their passwords. Instead, passwords are stated to be known words with the addition of numbers.
upvoted 1 times
...
Lalo
1 year, 1 month ago
remember ...company's passwords are all known words, BUT NOT in the dictionary...
upvoted 1 times
...
...
Labas01
1 year, 1 month ago
Selected Answer: D
This is a more powerful attack than disctionary and brute-force attacks because the cracker knows the password type." (M06 P604)
upvoted 1 times
...
dobarb
1 year, 1 month ago
Is C. Hybrid attack, as the first comment says, at page 604 of CEH there is clearly written this attack works when people changes the password by just adding some numbers to the old password.
upvoted 2 times
...
qtygbapjpesdayazko
1 year, 2 months ago
Selected Answer: C
D. Rule-based Attack
upvoted 1 times
qtygbapjpesdayazko
1 year, 1 month ago
well the correct is in fact C. Hybrid Attack
upvoted 1 times
...
...
athicalacker
1 year, 2 months ago
Selected Answer: D
The question mentions the words are not in the dictionary. So it can't be hybrid since it utilizes dictionary of known words.
upvoted 2 times
...
LeongCC
1 year, 2 months ago
Selected Answer: C
C: Hybrid Attack
upvoted 1 times
...
sosindi
1 year, 2 months ago
Selected Answer: C
Hybrid Attack
upvoted 1 times
...
insaniunt
1 year, 2 months ago
Selected Answer: C
Hybrid Attack: This type of attack depends on the dictionary attack. Often, people change their passwords merely by adding some numbers to their old passwords. In this case, the program would add some numbers and symbols to the words from the dictionary to try to crack the password. For example, if the old password is “system,” then there is a chance that the person will change it to “system1” or “system2
upvoted 3 times
qtygbapjpesdayazko
1 year, 1 month ago
This is the way
upvoted 1 times
...
...
Unr34l
1 year, 2 months ago
C. Hybrid Attack A hybrid attack combines elements of both dictionary attacks (known words) and brute-force attacks (trying all possible combinations, including modifications like adding numbers). In this case, the attacker leverages the knowledge that the passwords are known words but also incorporates variations by adding numbers. Hybrid attacks are effective in situations where there are patterns or rules applied to password creation, as is the case in the described scenario.
upvoted 2 times
...
JustAName
1 year, 2 months ago
Selected Answer: D
I think answer is D, because it specify "known words, but NOT dictionary". Hybrid attack combined with known words from dictionary, so rule-based should be a more accurate answer.
upvoted 3 times
athicalacker
1 year, 2 months ago
I agree with this.
upvoted 1 times
...
qtygbapjpesdayazko
1 year, 1 month ago
This is the way
upvoted 1 times
qtygbapjpesdayazko
1 year, 1 month ago
well the correct is in fact C. Hybrid Attack
upvoted 1 times
...
...
...
cloudgangster
1 year, 3 months ago
Selected Answer: C
C check pg 604 CEH V12
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago