ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 220 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 220
Topic #: 1
[All 312-50v11 Questions]

Ricardo has discovered the username for an application in his target's environment. As he has a limited amount of time, he decides to attempt to use a list of common passwords he found on the Internet. He compiles them into a list and then feeds that list as an argument into his password-cracking application.
What type of attack is Ricardo performing?

  • A. Brute force
  • B. Known plaintext
  • C. Dictionary
  • D. Password spraying
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by orabeya at May 30, 2021, 11:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Mdean
Highly Voted 1 year, 11 months ago
Dictionary is the right Answer. Brute Force is when you attempt to use every character or number in combination until you get a result. It eventually works but time consuming. As per the question, they stated that a word list is prepared in order to save time so it is clearly a Dictionary attack.
upvoted 29 times
calin2020
1 year, 9 months ago
The difference with brute force attack is that, in brute force, a large number of possible key permutations are checked whereas, in the dictionary attack, only the words with most possibilities of success are checked and are less time consuming than brute force.
upvoted 2 times
...
yaboyb
1 year, 11 months ago
I agree, thanks for the explanation.
upvoted 3 times
...
...
Daniel8660
Most Recent 6 months, 3 weeks ago
Selected Answer: C
Password Cracking Online attacks Dictionary attack - An attacker may either crack a password manually by guessing it or use automated tools and techniques such as a dictionary or a brute-force method. 
Most password-cracking techniques are successful because of weak or easily guessable passwords. (P.577/561)
upvoted 2 times
...
cehtaker
1 year, 3 months ago
Selected Answer: C
a classic dictionary attack
upvoted 1 times
...
venera
1 year, 4 months ago
Dictionary attack: A dictionary attack uses a predefined file containing various combinations of words, and an automated program enters these words one at a time to check if any of them are the password. This might not be effective if the password includes special characters and symbols. If the password is a simple word, then it can be found quickly. Compared to a brute-force attack, a dictionary attack is less time-consuming. CEH Module 13 - Page 1625
upvoted 2 times
...
ProveCert
1 year, 4 months ago
Selected Answer: C
A dictionary attack is an attack that tries to guess at the key of a ciphertext by attempting many different common passwords and possible passwords that are likely to be used by humans.
upvoted 1 times
...
sanderman55
1 year, 7 months ago
This used to be a 300 Questions link. why are they 400 now? does anybody know? what's weird though is that i see comments from months ago but these are new questions.
upvoted 2 times
C40s
1 year, 5 months ago
I guess they added v10...
upvoted 2 times
...
...
jinjection
1 year, 7 months ago
C: Dictionary Because are "common word" , for bruteforce attack the words can be generated by crunch tool for example "2dj3?^21-:"
upvoted 2 times
...
ANDRESCB1988
1 year, 9 months ago
correct, Dictionary
upvoted 2 times
CNisha
1 year, 9 months ago
Did you gave the CEH exam recently ?
upvoted 3 times
...
...
beowolf
1 year, 10 months ago
Basic concepts, no confusion here.
upvoted 1 times
...
yaboyb
1 year, 11 months ago
No, this is a brute force attack. There is no large number of accounts being compromised in this scenario(only 1).
upvoted 2 times
QuidProQuoo
1 year, 11 months ago
Ah, ofc. brute forcing one account instead of multiple... I need to read properly, thank you
upvoted 1 times
...
...
QuidProQuoo
1 year, 11 months ago
Shouldn't this be D? Password spraying? Like Orabeya said...
upvoted 1 times
ripple
1 year, 11 months ago
No, password spraying is a different type of attack, this is very clearly a Dictionary attack. Password Spraying involves attempting to access a large number of accounts by using a small number of commonly used passwords, this question specifically mentions that it's a single account that he is attempting to access. Since it's a single account and the password is unknown it instantly cuts it down to either Brute Force or Dictionary attack and since the attacker is clearly using a wordlist of commonly used passwords and not trying to brute force it then it only leaves C: Dictionary
upvoted 6 times
...
...
orabeya
1 year, 11 months ago
Password Spraying: Password spraying is an attack that attempts to access a large number of accounts (usernames) with a few commonly used passwords
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago