16A: Test Credentials

Question 1

File containing data captured from system memory.

Answer 1

dump

Question 2

A randomly generated string that can be added to the password before hashing.

Answer 2

salt

Question 3

Type of password attack that compares encrypted passwords against a predetermined list of possible password values.

Answer 3

dictionary attack

Question 4

Type of password attack where an attacker uses an application to exhaustively try every possible alphanumeric combination to crack encrypted passwords.

Answer 4

brute force attack

Question 5

Type of password attack that can make use of word lists to create variants and combinations.

Answer 5

rule based attack

Question 6

If the attacker’s dictionary is exhausted, the cracking tool can then try variations of the passwords by trimming or expanding words or substituting numbers or special characters for letters. It can also try specific combinations of characters using placeholders (i.e.,: ?a?a?d?d?d?d)

Answer 6

mask attack

Question 7

Brute force attack in which multiple user accounts are tested with a dictionary of common passwords.

Answer 7

password spray

Question 8

hash that starts with $1

Answer 8

MD5

Question 9

hash that starts with $2a

Answer 9

blowfish

Question 10

hash that starts with $5

Answer 10

SHA-256

Question 11

hash that starts with $6

Answer 11

SHA-512

Question 12

In Windows, this is a simple MD4 hash of the password (encoded as UTF-16 little endian). It is unsalted but allows passwords up to 128 characters long.

Answer 12

NT Hash

Question 13

In Kerberos, a token issued to an authenticated account to allow access to authorized application servers.

Answer 13

Ticket Granting Ticket (TGT)

Question 14

Used by The Windows Local Security Authority (LSASS) to store a variety of user, service, and application passwords.

Answer 14

LSA Secrets