Splunk Observability Cloud Certified Metrics User — Question 48
An analyst is examining the logs for a web application’s login form. They see thousands of failed logon attempts using various usernames and passwords. Internet research indicates that these credentials may have been compiled by combining account information from several recent data breaches.
Which type of attack would this be an example of?
Answer options
- A. Credential sniffing
- B. Password cracking
- C. Password spraying
- D. Credential stuffing
Correct answer: D
Explanation
The correct answer is D, Credential stuffing, as it refers to the use of stolen credentials from previous breaches to gain unauthorized access. The other options like Credential sniffing and Password cracking represent different types of attacks that do not specifically involve using leaked credentials from multiple sources, while Password spraying focuses on a different tactic of using a few common passwords against many accounts.