Which of the following attacks is used to obtain a user’s authentication credentials?

A.
Teardrop attack

B.
Brute force attack

C.
Bonk attack

D.
Phishing attack

Explanation:
Brute force is an attack that is used to obtain a user’s authentication credentials. In a brute force attack, an attacker uses software that tries a large number of the keys combinations in order to get a password. To prevent such attacks, users should create passwords more difficult to guess, e.g., using a minimum of six characters, alphanumeric combinations, and lower-upper case combinations, etc. Answer option D is incorrect. Phishing is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number. An example of phishing attack is a raudulent e-mail that appears to come from a user’s bank asking to change his online bankingpassword. When the user clicks the link available on the e-mail, it directs him to a phishing site which replicates the original bank site. The phishing site lures the user to provide his personal information. Answer option C is incorrect. Bonk attack is a variant of the teardrop attack that affects mostly Windows computers by sending corrupt UDP packets to DNS port 53. It is a type of denial-of-service (DoS) attack. A bonk attack manipulates a fragment offset field in TCP/IP packets. This field tells a computer how to reconstruct a packet that was fragmented, because it is difficult to transmit big packets. A bonk attack causes the target computer to reassemble a packet that is too big to be reassembled and causes the target computer to crash. Answer option A is incorrect. In a teardrop attack, a series of data packets are sent to the target computer with overlapping offset field values. As a result, the target computer is unable to reassemble these packets and is forced to crash, hang, or reboot.