05 Dec Practice Test Question – NTLM Authentication Attacks
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Which one of the following attacks is a critical threat that applies specifically to NTLM authentication?
A. Rainbow table
D. Brute force
Correct Answer: C
All of these attacks are authentication attacks. Brute force and rainbow table attacks are generic attacks that may be used against any authentication system that stores hashed passwords. Man-in-the-middle attacks are generally used against web applications. Pass-the-hash attacks are specifically effective against NTLM authentication.