Step 3: Password Cracking Tools
You have successfully examined the threats to a healthcare organization’s information systems infrastructure. Now, you must begin your research into password cracking software. Do some quick independent research on password cracking as it applies to your organization.
You can click on this link to find the instructions for Navigating the Workspace and the Lab Setup.
Enter Workspace and complete the lab activities outlined in the Project 1 Workspace Exercise Instructions. There are additional password cracking tool resources, tutorials, and user guides to continue your familiarity with the tools.
Click here to access the Project 1 Workspace Exercise Instructions.
After completing the lab, you will have successfully tested more than one password cracking tool. Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products. Compare the password cracking tools based on these characteristics, and include as part of your assessment and recommendations on the use of such tools. You will test the organization’s systems for password strength and complexity and complete validation testing. You will compare the results obtained from your first and second tool.
You have tested and made comparisons of the performance of various password cracking tools and you have the data to support your recommendations for the use of such tools.
Not all password cracking tools will necessarily perform with the same speed, precision, and results, making it important to test a few different products. The comparison will be part of your assessment and help you make recommendations on the use of such tools. You will test the organization’s systems for password strength and complexity and complete validation testing. You will compare the results comparing the various tools.
- Read this article about cyberattacks, perform two different types of cyberattacks in the first, and in the second tool, crack user account passwords. Describe them in simple nontechnical terms for the leadership. You can identify which tool is the most effective and why for your organization’s IT environment
- Compare and contrast the results from the two methods used to crack the accounts for the three passwords (each encrypted by the two hash algorithms). Show their benefits. You can make certain conclusions that help your company’s cybersecurity posture after using these methods.
- Explain to the director of IT and the members of the board that the healthcare organization’s anti-virus software will detect password cracking tools as malware. Also explain how this impacts the effectiveness of testing security controls like password strength. Help the leadership understand the risks and benefits of using password cracking tools, through persuasive arguments in your report and presentation. If any of the tools take longer than 4-5 minutes to guess a password, record the estimated length of time the tool anticipates to guess it.
Include this information in your presentation.