GIAC Certified Incident Handler (GCIH) — Question 184

John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. (Choose all that apply.)

Answer options

• A. Hybrid attack
• B. Rule based attack
• C. Dictionary attack
• D. Brute Force attack

Correct answer: A, C, D

Explanation

John's password 'apple' is simple and common, making it susceptible to a Dictionary attack, where attackers use a list of common words. A Hybrid attack, which combines dictionary words with other variations, can also easily crack it. Furthermore, a Brute Force attack could eventually guess the password through exhaustive trial and error. However, a Rule based attack is less relevant here since it typically relies on patterns and modifications of existing passwords.