Brute Force Attack

Question 1

Discovery

Answer 1

The payload of the attack is used to discover a hidden secret, example: discovering a password

Question 2

Rate limiting

Answer 2

Technique to limit network traffic

Question 3

Account lockout

Answer 3

Setting a max amount to put password incorrectly, and then locking account

Question 4

Informed attack

Answer 4

Type of discovery attack, informed attack uses a known, good reference list of data set, example - credentials stuffing

Question 5

Credential stuffing

Answer 5

Informed brute attack, can be id’s and passwords stole and sell on dark web

Question 6

Brute force attack

Answer 6

Exhaustive approach to performing attack against a system, service or data set. Simple to implement. Almost always automated by script or a sequence of an operations in a loop. Can be online or offline, requires a lot of time and computing resources

Question 7

Dictionary attack

Answer 7

Type of discovery attack, attacker uses a finite reference list or data set, example common passwords list

Question 8

Attack conduct

Answer 8

The payload of attack is the conduct of the attack itself, DDOS.

Question 9

IPS intrusion prevention system

Answer 9

Technique of brute force to determine and mitigate the attack. The goal is to see malicious activities

Question 10

Rainbow table

Answer 10

Type of discovery attack, rainbow table attack uses a precomputed table of hashes to find original plaintext, example is password cracking

Question 11

Workfactor

Answer 11

Is the estimate of time , effort and resources needed to adversary to succeed