New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCFR Exam - Topic 1 Question 4 Discussion

Actual exam question for GIAC's GCFR exam
Question #: 4
Topic #: 1
[All GCFR Questions]

A threat actor conducts brute force attacks against SSH services to gain Initial access. This attack technique falls under which category of the Google Workspace MITRE ATT&CK matrix?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Lorrine at Oct 07, 2023, 08:18 AM

Limited Time Offer

25%

Off

Get Premium GCFR Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Garry
3 months ago
Yeah, SSH brute forcing is a classic move for attackers.
upvoted 0 times
...
Jacquelyne
3 months ago
Wait, brute force attacks? Are they really that effective anymore?
upvoted 0 times
...
Pilar
3 months ago
Credential access makes the most sense here!
upvoted 0 times
...
Sommer
4 months ago
I think it's more about defense evasion, though.
upvoted 0 times
...
Nan
4 months ago
This is definitely about credential access.
upvoted 0 times
...
Tequila
4 months ago
I feel like this could also fit under discovery, but that doesn't seem quite right for a brute force attack.
upvoted 0 times
...
Bok
4 months ago
I practiced a similar question, and I think it was about how attackers gain initial access. So, maybe it's credential access?
upvoted 0 times
...
Mireya
4 months ago
I'm not entirely sure, but I remember something about defense evasion techniques. Could it be that?
upvoted 0 times
...
Stefania
5 months ago
I think this might be related to credential access since brute force attacks are all about stealing credentials, right?
upvoted 0 times
...
Kimbery
5 months ago
Okay, I've got this. Brute force attacks are all about trying to access credentials, so the correct answer is Credential Access.
upvoted 0 times
...
Roslyn
5 months ago
I think the key here is that the attacker is trying to gain initial access, so this would be under the Discovery category of the MITRE ATT&CK matrix.
upvoted 0 times
...
Katie
5 months ago
Definitely Credential Access. Brute force attacks are all about trying to guess passwords and gain unauthorized access to accounts.
upvoted 0 times
...
Tamesha
5 months ago
Hmm, I'm a bit confused on this one. I'm not sure if it's Credential Access or Discovery, since the attacker is trying to find a way in through the SSH service.
upvoted 0 times
...
Lashandra
5 months ago
I'm pretty sure this falls under Credential Access, since the brute force attack is trying to gain access to SSH credentials.
upvoted 0 times
...
Darci
5 months ago
Okay, I've got it. Automated deployment and automated change tracking are the two characteristics that will help UC address their challenges. Time to mark those answers and move on.
upvoted 0 times
...
Simona
5 months ago
This seems like a straightforward question about the role of the service desk. I'll need to think carefully about the relationship between the service desk and other support teams.
upvoted 0 times
...

Save Cancel