GCIH - Chapter 5.5: Attack Types Questions and Verified Answers
Four methods of password cracking Correct Answer: Passive online, Active online, Offline, and
nontechnical attacks
Passive Online Password Attack Correct Answer: Performed by listening for the password, typically
through packet sniffing, man-in-the-middle or replay attacks
Man-in-the-middle Attack Correct Answer: Form of network attack where the attacker secretly relays
and possibly alters the communication between two parties who believe they are directly
communicating with each other
Replay Attack Correct Answer: Form of network attack in which a valid data transmission is maliciously
or fraudulently repeated or delayed.
Are passive attacks detectable by the user? Correct Answer: No
Active Online Password Attack Correct Answer: More aggressive form of password attack that leverages
brute-force or dictionary methods. Highly effective against environments that contain weak or poorly
chosen passwords
Brute-force Attack Correct Answer: A method of attempting every possible combination in sequence
until the correct combination is found.
Dictionary Attack Correct Answer: Similar to brute-force, but more methodical in utilizing
a pre-defined list of commonly used passwords and/or words, such as a dictionary. This attack leverages
users using easy-to-remember passwords.
How to thwart password attacks Correct Answer: 2FA is the strongest combatant against password
cracking
Offline Attacks Correct Answer: Relies on the weakness of storing passwords on systems.
Hybrid Password Attack Correct Answer: May start out as a dictionary attack, but will change methods
upon no success and begin adding/replacing characters within words
Precomputed Hashes Correct Answer: These utilize rainbow tables, computing every possible
combination of characters before capturing a password. Attacker then captures the password and
compares it to the table
Rainbow Table Correct Answer: A precomputed list of hashes for every character combination. Can be
loaded onto disk and used to compare already hashed passwords.
Nontechnical Password Cracking Correct Answer: A method of password cracking that includes shoulder
surfing, keyboard sniffing, and social engineering.
Shoulder surfing Correct Answer: Observing a user type in personal information or interacting on their
machine to gain clues where they may have or store passwords
Keyboard Sniffing Correct Answer: Tracking keystrokes using a type of keyboard logger
Social Engineering Correct Answer: Obtaining pertinent information through the trust of the user over a
social interaction
Malware Correct Answer: Software with the intention to perform malicious activities and encompasses
worms, adware, scareware and spyware
Malicious Activity Correct Answer: Any action or activity that is performed without the consent or
knowledge of the user
Virus Correct Answer: Different from malware, it's a piece of software or code that spreads from system
to system by attaching itself to files. Typically executed when the file is accessed
Types of Viruses Correct Answer: Logic Bombs, Polymorphic, Multipartite, Macro, and Hoaxes
Logic Bomb Virus Correct Answer: Designed to lie in a wait state until a specific event occurs to trigger
its action. Most commonly it is to destroy data and/or systems.
Positive Event Correct Answer: Looks for events that do eventually occur, such as a date
Negative Event Correct Answer: Looks for events that do not occur
Polymorphic Virus Correct Answer: Ability to hide and mutate with the intent to avoid detection by
antivirus programs. Mutation occurs every time the virus is executed
Methods for virus mutation Correct Answer: Polymorphic engines and encryption
Polymorphic engines Correct Answer: Designed to alter the design of a virus while keeping the payload
intact
Encryption (Virus) Correct Answer: Used to scramble or hide the payload