Cyber Security Questions and Answers for Campus interviews on “Password Cracking and Security Measures”.
1. Saving passwords in the browser is a good habit.
a) True
b) False
Answer: b
Clarification: Saving passwords in the browser for your different user accounts and web services is not a good habit. Not all browsers keep these passwords in an encrypted format. Chrome allows you to see those passwords if you know the system’s password, which can lead to a security breach.
2. Which of the following is not an advantage of a dictionary attack?
a) Very fast
b) Time-saving
c) Easy to perform
d) Very tough and inefficient
Answer: d
Clarification: A dictionary attack is a process of breaking a password-protected system or server by simply and automatically entering every word in a dictionary as a password. It is very fast, time-saving and easy to perform.
3. A _______________ is a process of breaking a password-protected system or server by simply and automatically entering every word in a dictionary as a password.
a) Dictionary attack
b) Phishing attack
c) Social engineering attack
d) MiTM attack
Answer: a
Clarification: A dictionary attack is a process of breaking a password-protected system or server by simply and automatically entering every word in a dictionary as a password. It is very fast, time-saving and easy to perform.
4. Which of the following is an advantage of a dictionary attack?
a) Time-consuming
b) Moderately efficient
c) Very fast
d) Complex to carry out
Answer: c
Clarification: A dictionary attack is a process of breaking a password-protected system or server by simply and automatically entering every word in a dictionary as a password. It is very fast, time-saving and easy to perform.
5. The hybrid attack is a combination of a dictionary attack followed by inserting entropy and performing brute force.
a) True
b) False
Answer: a
Clarification: A hybrid attack is a combination of both a brute force attack and a dictionary attack. So, while a dictionary attack would comprise a wordlist of passwords, the brute force attack would be applied to each possible password in the given list.
6. A brute force attack is ______________
a) fast
b) inefficient
c) slow
d) complex to understand
Answer: c
Clarification: A brute force attack is the simplest process of gaining access to any password-protected system. It tries a variety of combinations of usernames and passwords again and again until the password matches. But it is comparatively slow.
7. A _____________ attack is one of the simplest processes of gaining access to any password-protected system.
a) Clickjacking
b) Brute force
c) Eavesdropping
d) Waterhole
Answer: b
Clarification: A brute force attack is the simplest process of gaining access to any password-protected system. It tries a variety of combinations of usernames and passwords again and again until the password matches.
8. ____________ attack is a combination of a dictionary attack and a brute force attack.
a) Syllable
b) Syllabi
c) Database
d) Phishing
Answer: a
Clarification: A syllable attack is a combination of a dictionary attack and a brute force attack. This technique may be implemented when the password is a non-existing word and the attacker tries some techniques to crack it.
9. An attacker can use the _______________ when he/she gets some information or hint regarding the password he/she wants to crack.
a) Syllable attack
b) Rule-based attack
c) Offline attack
d) Hybrid attack
Answer: b
Clarification: An attacker can use the rule-based attack when he/she gets some information or hint regarding the password he/she wants to crack. Examples of such scenarios: the hacker knows the type of password, its size, or what type of data it might contain.
10. _______________ are based on dictionary attack techniques.
a) Hybrid attacks
b) Network attacks
c) TCP attacks
d) Database attacks
Answer: a
Clarification: Hybrid attacks are based on dictionary attack techniques. In such types of attacks, the dictionary attack is mixed with some numerals and special symbols.
11. _____________ are based on dictionary attack techniques where the dictionary attack is mixed with some numerals and special symbols.
a) Syllable attack
b) Rule-based attack
c) Offline attack
d) Hybrid attack
Answer: d
Clarification: Hybrid attack is a type of offline attack which is based on dictionary attack methods. In such types of attacks, the dictionary attack is mixed with some numerals and special symbols.
12. Which of the following is not an example of a non-technical attack technique?
a) Shoulder surfing
b) Keyboard sniffing
c) Phishing
d) Social engineering
Answer: c
Clarification: Non-technical attacks do not require any technical knowledge to attack the target victim. Examples of such types of attacks are shoulder surfing, keyboard sniffing, and social engineering.