Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select two.)
A. Rainbow table attacks greatly reduce compute cycles at attack time.
B. Rainbow tables must include precomputed hashes.
C. Rainbow table attacks do not require access to hashed passwords.
D. Rainbow table attacks must be performed on the network.
E. Rainbow table attacks bypass maximum failed login restrictions.
How To Pass SY0-601 Exam?CompTIA SY0-601 PDF dumps.High quality SY0-601 pdf and software. VALID exam to help you pass. |
 |
B and E —
The question focuses on what “DIFFERENTIATES a rainbow table attack from a brute force attack” — A Rainbow attack begins by dumping a computer’s password file to an offline file. It then gets the hash value for each user account’s password and looks it up in an offline table of hash values to find a match. If a match is found then the associated account name and hash value are used for an attempted login. Since it only attempts a login one time for each account, a Rainbow table attack bypasses maximum failed login restrictions. Most of the operation is done offline, so requires fewer computer cycles. However answer (B)”Rainbow tables must include precomputed hashes” and answer (E) “Rainbow table attacks bypass maximum failed login restrictions” are most pertinent. (A) is wrong because a Rainbow attack uses no computations – just table searches – so there are no “compute cycles” to reduce.
Rainbow Table attacks are offline attacks which enables it to bypass the maximum failed login restrictions.
Brute force attacks can also be offline, in which case they can also bypass those restrictions. Correct answers should be A and B.
A and B
Yes, I do think the same. A and B should be correct.