What is a brute-force attack and how does it involve multiple failed login attempts from different IP addresses globally? Learn how attackers use automated tools to guess credentials and how to detect and prevent such attacks—essential for CompTIA Security+ (Plus) SY0-701 exam success.
Table of Contents
Question
A security analyst notices multiple failed login attempts on a company’s web portal from different IP addresses worldwide. What type of attack is most likely occurring?
A. DDoS attack
B. Man-in-the-middle attack
C. Session hijacking
D. Brute-force attack
E. SQL injection
Answer
D. Brute-force attack
Explanation
A brute-force attack involves trying multiple username-password combinations to gain unauthorized access. The widespread login attempts suggest an automated attack.
The most likely attack occurring when multiple failed login attempts are detected from different IP addresses worldwide is a brute-force attack.
A brute-force attack is a method where attackers systematically try numerous username and password combinations to gain unauthorized access to accounts or systems.
Attackers often use automated tools and botnets to distribute login attempts across many IP addresses globally, making detection and blocking more difficult. This is known as a distributed brute-force attack.
These attacks generate high volumes of failed login attempts, often from different geographic locations and IP addresses, to avoid triggering simple IP-based lockouts or rate limiting.
Brute-force attacks exploit weak or commonly used passwords and can lead to account compromise, data breaches, and further network infiltration.
Detection involves monitoring for unusual login patterns, such as repeated failed attempts, attempts from unfamiliar IPs, or login attempts outside normal business hours.
Prevention techniques include enforcing strong password policies, implementing account lockouts or incremental delays after failed attempts, using multi-factor authentication (MFA), and deploying intrusion detection and prevention systems.
Brute-force attacks involve automated, distributed attempts to guess login credentials, often from multiple IP addresses worldwide, aiming to gain unauthorized access through persistence and volume.
CompTIA Security+ (Plus) SY0-701 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA Security+ (Plus) SY0-701 exam and earn CompTIA Security+ (Plus) SY0-701 certification.