How can you prevent LANMAN hashes from being stored without disabling LANMAN?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the SANS Cyber Aces Test with flashcards and multiple choice questions. Each question includes detailed explanations. Get exam-ready today!

Multiple Choice

How can you prevent LANMAN hashes from being stored without disabling LANMAN?

Explanation:
Using a password longer than 14 characters prevents LANMAN hashes from being stored due to how Windows handles password hashing for different password lengths. LANMAN hashing operates under the limitation that only the first 14 characters of a password are hashed. Passwords longer than this are automatically stored using the more secure NTLM hashing algorithm instead, which does not utilize LANMAN hashes. This makes long passwords particularly effective in enhancing security, as they shift the method of storage away from the weaker LANMAN format, which is susceptible to various types of attacks, including rainbow table attacks. Other options do not effectively prevent LANMAN hashes from being stored. For example, changing a password to less than 10 characters would still result in a LANMAN hash being created. Similarly, using a non-standard character or a password reset tool might not influence the hashing mechanism responsible for LANMAN storage, particularly if the password length is not addressed adequately. Therefore, choosing a password longer than 14 characters is the appropriate choice to ensure that LANMAN hashes are not stored.

Using a password longer than 14 characters prevents LANMAN hashes from being stored due to how Windows handles password hashing for different password lengths. LANMAN hashing operates under the limitation that only the first 14 characters of a password are hashed. Passwords longer than this are automatically stored using the more secure NTLM hashing algorithm instead, which does not utilize LANMAN hashes.

This makes long passwords particularly effective in enhancing security, as they shift the method of storage away from the weaker LANMAN format, which is susceptible to various types of attacks, including rainbow table attacks.

Other options do not effectively prevent LANMAN hashes from being stored. For example, changing a password to less than 10 characters would still result in a LANMAN hash being created. Similarly, using a non-standard character or a password reset tool might not influence the hashing mechanism responsible for LANMAN storage, particularly if the password length is not addressed adequately. Therefore, choosing a password longer than 14 characters is the appropriate choice to ensure that LANMAN hashes are not stored.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy