nerdexam
(ISC)2

CISSP · Question #68

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user

The correct answer is A. A dictionary attack. A dictionary attack is a type of brute-force attack that attempts to guess a user's password by trying a large number of possible words or phrases, often derived from a dictionary or a list of commonly used passwords. A dictionary attack can be detected by an Intrusion Detection

Submitted by kevin_r· Mar 5, 2026Security Operations

Question

An Intrusion Detection System (IDS) is generating alarms that a user account has over 100 failed login attempts per minute. A sniffer is placed on the network, and a variety of passwords for that user are noted. Which of the following is MOST likely occurring?

Options

  • AA dictionary attack
  • BA Denial of Service (DoS) attack
  • CA spoofing attack
  • DA backdoor installation

How the community answered

(32 responses)
  • A
    75% (24)
  • B
    3% (1)
  • C
    16% (5)
  • D
    6% (2)

Explanation

A dictionary attack is a type of brute-force attack that attempts to guess a user's password by trying a large number of possible words or phrases, often derived from a dictionary or a list of commonly used passwords. A dictionary attack can be detected by an Intrusion Detection System (IDS) if it generates a high number of failed login attempts per minute, as well as a variety of passwords for the same user. A sniffer can capture the network traffic and reveal the passwords being tried by the attacker.

Topics

#dictionary attack#intrusion detection#password attacks#incident analysis

Community Discussion

No community discussion yet for this question.

Full CISSP Practice