For large-scale password cracking, what is the legal and practical alternative to using a botnet?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

For large-scale password cracking, what is the legal and practical alternative to using a botnet?

Explanation:
Scaling password cracking in an authorized engagement relies on access to flexible, controllable compute. Cloud resources provide the legal, practical way to do this at scale. You can rent lots of GPU- or CPU-powered instances on demand, spin them up in parallel, and run the cracking workload across many machines. This elastic capability lets you balance speed and cost, and you can shut everything down immediately when the test is finished, with clear billing and audit trails. Using a botnet is illegal and dangerous because it relies on machines you don’t own or control, often without permission. It creates liability and unpredictable results, making it unsuitable for a legitimate assessment. GPU mining targets a different use case and isn’t a proper substitute for a controlled pentest environment. A single local PC is simply not scalable for large-scale cracking due to hardware limits and longer runtimes. Cloud resources strike the right balance of legality, scalability, and practicality.

Scaling password cracking in an authorized engagement relies on access to flexible, controllable compute. Cloud resources provide the legal, practical way to do this at scale. You can rent lots of GPU- or CPU-powered instances on demand, spin them up in parallel, and run the cracking workload across many machines. This elastic capability lets you balance speed and cost, and you can shut everything down immediately when the test is finished, with clear billing and audit trails.

Using a botnet is illegal and dangerous because it relies on machines you don’t own or control, often without permission. It creates liability and unpredictable results, making it unsuitable for a legitimate assessment. GPU mining targets a different use case and isn’t a proper substitute for a controlled pentest environment. A single local PC is simply not scalable for large-scale cracking due to hardware limits and longer runtimes. Cloud resources strike the right balance of legality, scalability, and practicality.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy