An attacker obtains a substantial set of usernames and passwords from public data leaks. They test each pair against a company's portal, hoping employees reused their credentials. Which approach best describes this activity?
Credential stuffing
Pass-the-ticket
Password spraying
Brute force
Attackers here reuse known logins from external sources to see if they grant access. This approach aligns with credential stuffing, which leverages previously exposed account details to find a valid match. Brute force involves trying probable passwords for individual accounts, pass-the-ticket repurposes tokens from compromised systems, and password spraying tests a limited set of common passes across many accounts. The key is that the attacker has a huge list of actual username-password pairs from leaks, making credential stuffing the clear fit.
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
All IT & Cybersecurity Package plans include the following perks and exams .
Our pricing is simple. Full access to all certifications and exams in each package, for one price.
As many practice tests for as many topics as you want.
Use study mode non-stop, no limits.
Access to our AI assistant, Bash, trained to help you pass your exam.
Track your scores over time in study mode and report cards.
See how you improve over time, and where you need to focus.
Access our store with even bigger discounts than before.
Unlimited access to all performance questions and be prepared for the real thing.
All IT & Cybersecurity Package plans include unlimited access to the following study materials.
Create an account or sign in to access our study materials.