ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 254 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 254
Topic #: 1
[All 312-50v12 Questions]

An attacker decided to crack the passwords used by industrial control systems. In this process, he employed a loop strategy to recover these passwords. He used one character at a time to check whether the first character entered is correct; if so, he continued the loop for consecutive characters. If not, he terminated the loop. Furthermore, the attacker checked how much time the device took to finish one complete password authentication process, through which he deduced how many characters entered are correct.

What is the attack technique employed by the attacker to crack the passwords of the industrial control systems?

  • A. Buffer overflow attack
  • B. Side-channel attack
  • C. Denial-of-service attack
  • D. HMI-based attack
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by qtygbapjpesdayazko at Feb. 24, 2024, 12:59 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ethacker2
8 months, 2 weeks ago
Selected Answer: B
B. Side-channel attack CEHv12 Book Module 18 p. 2956 Attackers perform a side-channel attack by monitoring its physical implementation to obtain critical information from a target system. Attackers use two techniques, namely timing analysis and power analysis, to perform side-channel attacks on the target OT systems. Passwords are often transmitted through a serial channel. Attackers employ a loop strategy to recover these passwords. They use one character at a time to check whether the first character entered is correct; if so, the loop continues for consecutive characters. If not, the loop terminates. Attackers check how much time the device is taking to finish one complete password authentication process, through which they can determine how many characters entered are correct.
upvoted 3 times
...
insaniunt
8 months, 3 weeks ago
Selected Answer: B
B. Side-channel attack In this scenario, the attacker is exploiting information leaked through a side channel, which is the time it takes for the authentication process. This method is often referred to as a timing attack.
upvoted 2 times
...
qtygbapjpesdayazko
8 months, 3 weeks ago
CEH experts can you validate this solution
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago