You are the network administrator for a small bank in Dallas, Texas. To ensure network security, you enact a security policy that reQuires all users to have 14 character passwords. After giving your users 2 weeks notice, you change the Group Policy to force 14 character passwords. A week later you dump the SAM database from the standalone server and run a password-cracking tool
against it. Over 99% of the passwords are broken within an hour. Why were these passwords cracked so Quickly?
A.
Passwords of 14 characters or less are broken up into two 7-character hashes
B.
A password Group Policy change takes at least 3 weeks to completely replicate throughout a network
C.
Networks using Active Directory never use SAM databases so the SAM database pulled was empty
D.
The passwords that were cracked are local accounts on the Domain Controller