You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social
engineering, you come to know that they are enforcing strong passwords. You understand that all
users are required to use passwords that are at least 8 characters in length. All passwords must
also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special
characters.
With your existing knowledge of users, likely user account names and the possibility that they will
choose the easiest passwords possible, what would be the fastest type of password cracking
attack you can run against these hash values and still get results?

A.
Online Attack

B.
Dictionary Attack

C.
Brute Force Attack

D.
Hybrid Attack

Explanation:
A dictionary attack will not work as strong passwords are enforced,also the
minimum length of 8 characters in the password makes a brute force attack time consuming. A
hybrid attack where you take a word from a dictionary and exchange a number of letters with
numbers and special characters will probably be the fastest way to crack the passwords.