nerdexam
EC-Council

312-50V10 · Question #538

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106: What is most likely taking place?

The correct answer is B. Remote service brute force attempt. The described output targeting a single IP with repeated structured connection attempts is characteristic of a remote service brute force attack.

System Hacking

Question

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

Exhibit

312-50V10 question #538 exhibit

Options

  • APing sweep of the 192.168.1.106 network
  • BRemote service brute force attempt
  • CPort scan of 192.168.1.106
  • DDenial of service attack on 192.168.1.106

How the community answered

(58 responses)
  • A
    2% (1)
  • B
    84% (49)
  • C
    9% (5)
  • D
    5% (3)

Why each option

The described output targeting a single IP with repeated structured connection attempts is characteristic of a remote service brute force attack.

APing sweep of the 192.168.1.106 network

A ping sweep sends ICMP echo requests across a range of IP addresses to discover live hosts on a subnet, not repeated attempts against a single host.

BRemote service brute force attemptCorrect

A remote service brute force attempt uses a tool such as Hydra or Medusa to systematically try large numbers of credential combinations against a network service like SSH, FTP, or RDP on the target host. The output showing repeated, structured attempts against a single IP on a specific port is the signature pattern of this technique rather than scanning or flooding.

CPort scan of 192.168.1.106

A port scan probes many different ports on a target to enumerate open services, whereas the output shows repeated connections to one specific service port.

DDenial of service attack on 192.168.1.106

A denial of service attack floods a target to exhaust resources and disrupt availability, and does not produce structured output showing sequential login attempts.

Concept tested: Remote service brute force attack recognition

Source: https://owasp.org/www-community/attacks/Brute_force_attack

Topics

#brute force#remote service attack#password cracking#penetration testing

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice