How is LANMAN generally described in terms of security?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

How is LANMAN generally described in terms of security?

Explanation:
LANMAN is an old Windows authentication method whose weakness is a result of flawed hashing. It uses an LM hash that uppercases the password, truncates it to 14 characters, and splits it into two 7-character halves, each processed with DES. This design drastically reduces the effective search space and lacks proper salting, making offline attacks extremely easy with modern hardware. Because of these weaknesses, LANMAN is widely regarded as insecure and outdated, which is why the correct description is that it is notoriously weak. The other statements don’t fit: it’s neither strong and modern, nor unique to Linux, nor unbreakable.

