GCIH - Chapter 5.5: Attack Types Exam Questions with Correct Answers Latest Update
2026/2027
Four methods of password cracking - Answers Passive online, Active online, Offline, and
nontechnical attacks
Passive Online Password Attack - Answers Performed by listening for the password, typically
through packet sniffing, man-in-the-middle or replay attacks
Man-in-the-middle Attack - Answers Form of network attack where the attacker secretly relays
and possibly alters the communication between two parties who believe they are directly
communicating with each other
Replay Attack - Answers Form of network attack in which a valid data transmission is
maliciously or fraudulently repeated or delayed.
Are passive attacks detectable by the user? - Answers No
Active Online Password Attack - Answers More aggressive form of password attack and
leverage brute-force or dictionary methods. Highly effective against environments that contain
weak or poorly chosen passwords
Brute-force Attack - Answers A method of attempting every possible combination in sequence
until the correct combination is found.
Dictionary Attack - Answers Similar to brute-force, however they are more methodical in utilizing
a pre-defined list of commonly used passwords and/or words, such as a dictionary. This attack
leverages users using easy to remember passwords.
How to thwart password attacks - Answers 2FA is the strongest combatant against password
cracking
Offline Attacks - Answers Relies on the weakness of storing passwords on systems.
Hybrid Password Attack - Answers May start out as a dictionary attack, but will change methods
upon no success and begin adding/replacing characters within words
Precomputed Hashes - Answers These utilize rainbow tables, computing every possible
combination of characters before capturing a password. Attacker then captures the password
and compares it to the table
Rainbow Table - Answers A precomputed list of hashes for every character combination. Can be
loaded onto disk and used to compare already hashed passwords.
Nontechnical Password Cracking - Answers A method of password cracking that includes
shoulder surfing, keyboard sniffing, and social engineering.
, Shoulder surfing - Answers Observing a user type in personal information or interacting on their
machine to gain clues where they may have or store passwords
Keyboard Sniffing - Answers Tracking keystrokes using a type of keyboard logger
Social Engineering - Answers Obtaining pertinent information through the trust of the user over
a social interaction
Malware - Answers Software with the intention to perform malicious activities and
encompasses worms, adware, scareware and spyware
Malicious Activity - Answers Any action or activity that is performed without the consent or
knowledge of the user
Virus - Answers Different form malware, it's a piece of software or code that spreads from
system to system by attaching itself to files. Typically executed when the file is accessed
Types of Viruses - Answers Logic Bombs, Polymorphic, Multipartite, Macro, and Hoaxes
Logic Bomb Virus - Answers Designed to lie in a wait state until a specific event occurs to
trigger it's action. Most commonly it is to destroy data and/or systems.
Positive Event - Answers Looks for events that do eventually occur, such as a date
Negative Event - Answers Looks for events that do not occur
Polymorphic Virus - Answers Ability to hide and mutate with the intent to avoid detection by
antivirus programs. Mutation occurs everytime the virus is executed
Methods for virus mutation - Answers Polymorphic engines and encryption
Polymorphic engines - Answers Designed to alter the design of a virus while keeping the
payload intact
Encryption (Virus) - Answers Used to scramble or hide the payload
Multipartite Virus - Answers Utilize multiple attack vectors to infect a system, including the boot
sector and executable files. in order to eradicate, all parts must be removed. Typically always at
least two parts, boot and file infector.
Macro Virus - Answers Utilize macro languages that are native to many applications. Usually
embedded in files and spread through email. Example, Visual Basic for Microsoft Office
Hoaxes "Virus" - Answers Not a virus at all, but the announcement of a virus that does not
actually exist in the hopes to cause panic.
Best protection against viruses - Answers Education of users
2026/2027
Four methods of password cracking - Answers Passive online, Active online, Offline, and
nontechnical attacks
Passive Online Password Attack - Answers Performed by listening for the password, typically
through packet sniffing, man-in-the-middle or replay attacks
Man-in-the-middle Attack - Answers Form of network attack where the attacker secretly relays
and possibly alters the communication between two parties who believe they are directly
communicating with each other
Replay Attack - Answers Form of network attack in which a valid data transmission is
maliciously or fraudulently repeated or delayed.
Are passive attacks detectable by the user? - Answers No
Active Online Password Attack - Answers More aggressive form of password attack and
leverage brute-force or dictionary methods. Highly effective against environments that contain
weak or poorly chosen passwords
Brute-force Attack - Answers A method of attempting every possible combination in sequence
until the correct combination is found.
Dictionary Attack - Answers Similar to brute-force, however they are more methodical in utilizing
a pre-defined list of commonly used passwords and/or words, such as a dictionary. This attack
leverages users using easy to remember passwords.
How to thwart password attacks - Answers 2FA is the strongest combatant against password
cracking
Offline Attacks - Answers Relies on the weakness of storing passwords on systems.
Hybrid Password Attack - Answers May start out as a dictionary attack, but will change methods
upon no success and begin adding/replacing characters within words
Precomputed Hashes - Answers These utilize rainbow tables, computing every possible
combination of characters before capturing a password. Attacker then captures the password
and compares it to the table
Rainbow Table - Answers A precomputed list of hashes for every character combination. Can be
loaded onto disk and used to compare already hashed passwords.
Nontechnical Password Cracking - Answers A method of password cracking that includes
shoulder surfing, keyboard sniffing, and social engineering.
, Shoulder surfing - Answers Observing a user type in personal information or interacting on their
machine to gain clues where they may have or store passwords
Keyboard Sniffing - Answers Tracking keystrokes using a type of keyboard logger
Social Engineering - Answers Obtaining pertinent information through the trust of the user over
a social interaction
Malware - Answers Software with the intention to perform malicious activities and
encompasses worms, adware, scareware and spyware
Malicious Activity - Answers Any action or activity that is performed without the consent or
knowledge of the user
Virus - Answers Different form malware, it's a piece of software or code that spreads from
system to system by attaching itself to files. Typically executed when the file is accessed
Types of Viruses - Answers Logic Bombs, Polymorphic, Multipartite, Macro, and Hoaxes
Logic Bomb Virus - Answers Designed to lie in a wait state until a specific event occurs to
trigger it's action. Most commonly it is to destroy data and/or systems.
Positive Event - Answers Looks for events that do eventually occur, such as a date
Negative Event - Answers Looks for events that do not occur
Polymorphic Virus - Answers Ability to hide and mutate with the intent to avoid detection by
antivirus programs. Mutation occurs everytime the virus is executed
Methods for virus mutation - Answers Polymorphic engines and encryption
Polymorphic engines - Answers Designed to alter the design of a virus while keeping the
payload intact
Encryption (Virus) - Answers Used to scramble or hide the payload
Multipartite Virus - Answers Utilize multiple attack vectors to infect a system, including the boot
sector and executable files. in order to eradicate, all parts must be removed. Typically always at
least two parts, boot and file infector.
Macro Virus - Answers Utilize macro languages that are native to many applications. Usually
embedded in files and spread through email. Example, Visual Basic for Microsoft Office
Hoaxes "Virus" - Answers Not a virus at all, but the announcement of a virus that does not
actually exist in the hopes to cause panic.
Best protection against viruses - Answers Education of users
