CISSP PRACTICE QUESTIONS – 20200229

Your company sells toys online and ships globally. As a security professional, you are planning a security assessment. Because password attacks (brute force, dictionary, rainbow table, and so forth) are among the most common attacks, an external security team will be employed to look for weak passwords. For experienced ethical hackers, which of the following passwords most likely requires the highest cryptanalysis work factor?
A. 0000
B. uTqD3S^#
C. !@#$%^&*
D. 4a7d1ed414474e4033ac29ccb8653d9b


Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is B. uTqD3S^#.

  • uTqD3S^# is a strong password.
  • 0000 is a notoriously naive password.
  • !@#$%^&* is listed among the top 25 most common passwords. Almost every dictionary includes it.
  • 4a7d1ed414474e4033ac29ccb8653d9b is the MD5 hash of 0000. Almost every rainbow table includes this hash value.
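
The reasoning above can be expressed as a small password-audit check. This is an added example, not part of the original question: it estimates each option's work factor from the cheapest method that applies. The wordlist, the function names and the plain hash lookup table (a simplified stand-in for a rainbow table) are assumptions made for illustration.

```python
import hashlib
import math
import string

# Constructed sample wordlist (assumption): stands in for a cracking dictionary.
COMMON = ["123456", "password", "0000", "qwerty", "!@#$%^&*"]

# Precomputed hash -> plaintext table. A plain lookup table, used here as a
# simplified stand-in for a rainbow table (no hash chains or reduction functions).
MD5_TABLE = {hashlib.md5(w.encode()).hexdigest(): w for w in COMMON}

CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]


def brute_force_bits(password: str) -> float:
    """log2 of the exhaustive-search keyspace for the character classes used."""
    charset = sum(len(c) for c in CLASSES if any(ch in c for ch in password))
    return len(password) * math.log2(charset)


def assess(password: str) -> tuple[str, float]:
    """Return (cheapest applicable method, estimated work factor in bits)."""
    if password in COMMON:
        # Dictionary attack: at most len(COMMON) guesses.
        return "dictionary", math.log2(len(COMMON))
    if password.lower() in MD5_TABLE:
        # The string is itself the MD5 of a listed password: one table lookup.
        return "hash lookup", 0.0
    return "brute force", brute_force_bits(password)


def rank(passwords: list[str]) -> list[tuple[str, str, float]]:
    """Sort candidates from highest to lowest estimated work factor."""
    rows = [(p, *assess(p)) for p in passwords]
    return sorted(rows, key=lambda r: r[2], reverse=True)


if __name__ == "__main__":
    options = ["0000", "uTqD3S^#", "!@#$%^&*", "4a7d1ed414474e4033ac29ccb8653d9b"]
    for pw, method, bits in rank(options):
        print(f"{pw:34} {method:12} {bits:6.1f} bits")
```

Only option B falls through to exhaustive search (94 printable symbols over 8 positions); the other three are resolved by a wordlist or table lookup.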


