Exam N10-008 topic 1 question 304 discussion

So many wrong answers on this dump. Its brute force. Someone is trying out passwords and locking your account. You have a 3 wrong password and lockout policy in Active Directory.

Active Directory - IT Department resets the password Brute-Force Attack - Every time user comes back to their computer, users acount is being locked. With that being said, I would assume someone is trying to guess their password to access the user computer while the user is away. A. Brute-force - Tries every possible combination until they figure out the password B. On-path - Occurs when an attacker puts themselves between the victim and the intended destination C. Deauthentication - Attempts to interrupt communication between an end user and the wireless access point D. Phishing - Sending an email in an attempt to get a user to click a link. Sending out emails to capture the most people and doesn’t really target

Omg im gonna lose my sanity with these Qs. If it was brute force then it should him a message of repeated logins no? the only possible I think is C. Deauthentication because he has to authenticate again and he isn't ? but then is he authenticating locally? if so then brute force, if authentication requires Internet then its C. . Sorry im frustrated. probably A because he reset the password and then it happened again. and this r3tard IT department did not check logs to tell him to do something about it.

The correct answer is C. Deauthentication. Here's why: The user is able to log in initially, but after locking the computer, they are unable to log in again. This suggests that the issue is not with the password itself, but rather with the authentication process.

I think the key here is 'unable to log in after locking the computer'. Deauthentication can happen as you're actively using a wireless device.

ChatGBT says C is correct but not sure

the answer here is actually a dictionary attack, but since it is not listed, i would say bruteforce

The only thing that throws me off is the fact that brute force takes FOREVER and the fact that this attacker is able to get the password that SAME DAY doesn't really add up to me 😂 Honestly On-Path would make more sense given how if it was lets say LDAP which is unencrypted plaintext by default (Unless you do SLDAP).

correct answer is A

Boo Boo, the ghost says A!

It's A, guys the computer is LOCKED OUT after someone tried to gain access to the user's computer after he LOCKED the computer. That is Brute-Force. It is not C because Deauthenication is for ONLY WIRELESS devices and in this question, they do not specify if the user's computer is connected wirelessly or thru Ethernet.

In this question, they didn't explain whether this computer is on an Ethernet connection or a wireless connection. Deauthentication interrupts communication between an end user and the wireless access point. Only brute-force attacks can cause this issue.

Trick on DeaAuth. It is definitely BruteForce that causes the account to lock out. What a bad question. The only purpose is the play on Deauthentication

SKIDADDLE SKADOODLE If you dont pick A you are a NOODLE.

I'm also going to go with C. A brute-force attack will most likely happen after deauthentication was performed. I read several articles and this one was the best. It tells you how to deauthenticate someone and explain. Scroll all the way in the bottom and read after Phishing attacks. Hopefully this helps https://hackernoon.com/forcing-a-device-to-disconnect-from-wifi-using-a-deauthentication-attack-f664b9940142

Deauthentication attacks target the communication between a user's device and the network it is connected to. When a user locks their computer, the computer may disconnect from the network. If a deauthentication attack is taking place, an attacker may be sending deauthentication packets to the user's device, causing it to disconnect from the network and making it difficult for the user to log back in.

Based on the information given, the most likely attack taking place is a Deauthentication attack. In a Deauthentication attack, an attacker sends deauthentication packets to a target device in order to disconnect it from its current network. This can result in the target device losing its connection and being unable to log in again until the connection is reestablished. In this scenario, it is possible that the attacker is using a Deauthentication attack to disrupt the user's connection after the user locks the computer, resulting in the inability to log in after resetting the password.