Which of the following are the types of password guessing attacks? Each correct answer represents a complete solution. Choose two.

A.
Man-in-the-middle attack

B.
Dictionary attack

C.
Password attack

D.
Brute force attack

Explanation:
A password guessing attack occurs when an unauthorized user tries to log on repeatedly to a computer or network by guessing usernames and passwords. Many password guessing programs that attempt to break passwords are available on the Internet. Following are the types of password guessing attacks:
Brute force attack
Dictionary attack
Brute force attack is the most likely cause of account lockout. In a brute force attack, unauthorized users attempt to log on to a network or a computer using multiple possible user names and passwords. Dictionary attack is a type of password guessing attack. This type of attack uses a dictionary of common words to find out the password of a user. It can also use common words in either upper or lower case to find a password. There are many programs available on the Internet to automate and execute dictionary attacks. Answer option A is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. The intermediary software or program allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client. Answer option C is incorrect. There is no attack such as password attack.