Question 707 of 730 from exam SY0-601: CompTIA Security+

Prev Question Next Question

Question

A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network.

The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts.

While reviewing the log files, the analyst discovers the following:

$3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3/16/20 3:31:10 3:31:11 3:31:12 3:31:13 3:31:14 3:31:15 3:31:16 3:31:18 3:31:19 3:31:20 3:31:22 3:31:22 3:32:40 3:33:25 RER EERE RRR EERE Audit Audit Audit Audit Audit Audit Audit Audit Audit Audit Audit Audit Audit Audit Failure: CompanyNetwork\Userl Unknown Failure: CompanyNetwork\User1 Unknown Failure: CompanyNetwork\Userl Unknown Failure: CompanyNetwork\Userl Account Failure: CompanyNetwork\User2 Unknown Failure: CompanyNetwork\User2 Unknown Failure: CompanyNetwork\User2 Unknown Failure: CompanyNetwork\User2 Account Failure: CompanyNetwork\User3 Unknown Failure: CompanyNetwork\User3 Unknown unsername or unsername or locked out. unsername or unsername or unsername or locked out. unsername or unsername or Success: CompanyNetwork\User3 Successful logon. Failure: CompanyNetwork\User4 Unknown Failure: CompanyNetwork\User4 Unknown unsername or unsername or Success: CompanyNetworkd\User4 Successful logon. bad bad bad bad bad bad bad bad bad bad password. password. password. password. password. password. password. password. password. password.$

Which of the following attacks MOST likely occurred?

Dictionary B.

Credential-stuffing C.

Password-spraying D.

Brute-force.

Show Answer

Explanations

A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network.

The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts.

While reviewing the log files, the analyst discovers the following:

Which of the following attacks MOST likely occurred?

Dictionary

Credential-stuffing

Password-spraying

Brute-force.

Prev Question Next Question