SY0-701 · Question #110
SY0-701 Question #110: Real Exam Question with Answer & Explanation
The correct answer is A: Brute-force attack. A brute-force attack is a type of attack that involves systematically trying all possible combinations of passwords or keys until the correct one is found. The log file shows multiple failed login attempts in a short amount of time, which is a characteristic of a brute-force atta
Question
An administrator is reviewing a single server's security logs and discovers the following; Which of the following best describes the action captured in this log file?
Options
- ABrute-force attack
- BPrivilege escalation
- CFailed password audit
- DForgotten password by the user
Explanation
A brute-force attack is a type of attack that involves systematically trying all possible combinations of passwords or keys until the correct one is found. The log file shows multiple failed login attempts in a short amount of time, which is a characteristic of a brute-force attack. The attacker is trying to guess the password of the Administrator account on the server. The log file also shows the event ID 4625, which indicates a failed logon attempt, and the status code 0xC000006A, which means the user name is correct but the password is wrong. These are indicators of compromise (IoC) that suggest a brute-force attack is taking place.
Community Discussion
No community discussion yet for this question.