Which of the following are types of access control attacks?
Each correct answer represents a complete solution. Choose all that apply.

A.
Brute force attack

B.
Mail bombing

C.
Spoofing

D.
Dictionary attack

Explanation:

The following are types of access control attacks :
1.Spoofing
2.Brute force attack
3.Dictionary attack
4.Denial of service attack
What is spoofing?
Spoofing is a technique that makes a transmission appear to have come from an authentic source by
forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers
by using someone else’s IP address to his identity. However, spoofing cannot be used while surfing
the Internet, chatting on-line, etc. because forging the source IP address causes the responses to be
misdirected.
What is dictionary attack?
Dictionary attack is a type of password guessing attack. This type of attack uses a dictionary of
common words to find out the password of a user. It can also use common words in either upper or
lower case to find a password. There are many programs available on the Internet to automate and
execute dictionary attacks.
What is a brute force attack?
In a brute force attack, an attacker uses software that tries a large number of the keys combinations
in order to get a password. To prevent such attacks, users should create passwords more difficult to

guess, e.g., using a minimum of six characters, alphanumeric combinations, and lower-upper case
combinations, etc.
Answer option B is incorrect. Mail bombing is not a type of access control attack.
Mail bombing is an attack that is used to overwhelm mail servers and clients by sending large
amount of unwanted e-mails. The aim of this type of attack is to completely fill the recipient’s hard
disk with immense, useless files, causing at best irritation, and at worst total computer failure. E-mail
filtering and properly configuring email relay functionality on mail servers can be helpful for
protection against this type of attack.