PrepAway - Latest Free Exam Questions & Answers

Which of the following represent weak passwords?

Which of the following represent weak passwords? (Select 2 answers)


A. Passwords that contain letters, special characters, and numbers. Example: ap1$%##f@52

B. Passwords that contain only numbers. Example: 23698217

C. Passwords that contain only special characters. Example: &*#@!(%)

D. Passwords that contain letters and numbers. Example: meerdfget123

E. Passwords that contain only letters. Example: QWERTYKLRTY

F. Passwords that contain only special characters and numbers. Example: 123@$45

G. Passwords that contain only letters and special characters. Example: bob@&ba

H. Passwords that contain Uppercase/Lowercase from a dictionary list. Example: OrAnGe

8 Comments on “Which of the following represent weak passwords?”

  1. curious says:

    Why is “QWERTYKLRTY” a weaker password than “23698217”? “QWERTYKLRTY” is not a dictionary word and the pattern is more obscure than just “QWERTY”, so 26 possibilities per position and 11 positions. Whereas “23698217” uses numeric characters, so 10 possibilities per position and 8 positions. Neither one would be in a dictionary and seems that the numerical password with fewer characters would take less time to bruteforce than QWERTYKLRTY. ?

  2. curious says:

    H is a weak password because it would be found in a common dictionary file. If using John the Ripper password cracker, you could load a dictionary file and use the --rules switch and crack that password pretty quick.
    I’m trying to understand why E is a weaker password than B, because QWERTYKLRTY isn’t a dictionary word. So it probably wouldn’t be found in a dictionary file; therefore, it comes down to a brute force attack. And based on the math; i.e., there are more characters in the alphabet (26) than numbers (10) and the length of the password comes into play too. E has a shorter length as well as less possible characters.
    The only thing I could guess is that they are implying that QWERTYKLRTY is a dictionary word. If that is the case, then that would be considered a weaker password than 23698217.

  3. rednael says:

    The examples in the answers are misleading. 🙂

    E can be “QWERTYKLRTY”, but it can also be “pass”, “password”, “root”

    These passwords would be quite likely to be used by an ignorant user. Any other existing word would also be quite probable to be used. All those words will be found in a dictionary.

    Whilst using a numerical password, users would most probably use “0000”, “1234” OR their PIN that they use with their payment-card. The last one being random numbers. So, less probable to find in a dictionary.

    1. Eddie Guerrero says:

      I see your point, but it’s assuming too much. I’m taking the example they put, which is not a word, it’s just all letters, and all numbers is just as easy as all numbers if bruteforcing such a short string. So E is too unpredictable to be an answer since speaking in hypotheticals and not actual, for example the example they used. Hypothetically, what if the user used all letters, and it was a 24 character mixed cased letter string, it’s going to take a very long time to get that because it’s almost like a passphrase now. That COULD be an answer too, there is no length requirement in that question, right? So since B is an actual answer, I argue the answer should be “B” over “E”, and “H” is correct, of course.
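
The brute-force arithmetic and the dictionary argument from the comments above can be carried through as a small password audit. This is an added example, not part of the original page or of any commenter's post; the function names and the four-word `WORDLIST` are constructed for illustration, and the alphabet estimate assumes the search covers only the character classes actually present in the password.

```python
import math
import string

# Constructed sample wordlist; a real audit would load a full dictionary file.
WORDLIST = {"orange", "password", "pass", "root"}

def alphabet_size(pw):
    """Size of the smallest union of character classes that covers pw."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c in string.punctuation for c in pw):
        size += len(string.punctuation)  # 32 ASCII symbols
    return size

def brute_force_bits(pw):
    """log2 of the exhaustive search space: length * log2(alphabet)."""
    n = alphabet_size(pw)
    return len(pw) * math.log2(n) if n else 0.0

def in_dictionary(pw, wordlist=WORDLIST):
    """True if pw matches a wordlist entry once case is normalised,
    which is what case-toggling mangling rules effectively test."""
    return pw.lower() in wordlist

def audit(pw):
    """Summarise both weaknesses: small search space and dictionary hit."""
    return {"alphabet": alphabet_size(pw),
            "bits": round(brute_force_bits(pw), 1),
            "dictionary_hit": in_dictionary(pw)}

if __name__ == "__main__":
    # Example passwords taken from the answer options on this page.
    for pw in ["23698217", "QWERTYKLRTY", "OrAnGe", "ap1$%##f@52"]:
        print(pw, audit(pw))
```

The bit counts only bound an exhaustive search; a dictionary hit means the password falls long before that bound is reached, regardless of its nominal alphabet.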

