GIAC Certified Incident Handler (GCIH) — Question 41

An engineer is using Hashcat to brute force passwords from a file of hashes. How should the following hash be handled in the scenario? aad3b435b51404eeaad3b435b51404ee

Answer options

• A. The hash should be skipped
• B. The hash should be cracked as a SHA-1 hash
• C. The hash should be decoded
• D. The hash should be cracked as an NT hash

Correct answer: B

Explanation

The correct answer is B because the given hash is known to be a representation of an NT hash, which can be cracked using the SHA-1 algorithm. Options A, C, and D are incorrect as they either suggest ignoring the hash or misidentify the required method for handling it.