If a token and 4-digit personal identification number (PIN) are used to access a computer system
and the token performs off-line checking for the correct PIN, what type of attack is possible?

A.
Birthday

B.
Brute force

C.
Man-in-the-middle

D.
Smurf

Explanation:
Brute force attacks are performed with tools that cycle through many possible character, number,

and symbol combinations to guess a password. Pg 134 Shon Harris CISSP All-In-One
Certification Exam Guide. Since the token allows offline checking of PIN, the cracker can keep
trying PINS until it is cracked.