CISSP Practice Exam 2026 – Complete Prep Guide

A brute-force attack is commonly used to obtain credentials for unauthorized access. This method involves systematically trying every possible combination of passwords or keys until the correct one is found. Attackers use brute-force techniques because they often rely on weak or common passwords, making it feasible to guess them within a reasonable timeframe.

When an attacker executes a brute-force attack, their goal is to gain unauthorized access to accounts, systems, or networks by cracking passwords. If successful, this allows them to exploit vulnerabilities, steal data, or conduct further attacks.

The other potential options do not align with the primary purpose of brute-force attacks. Enhancing network security is a proactive measure typically involving the implementation of safeguards to prevent attacks rather than using them. Similarly, encrypting sensitive data is a security practice designed to protect information rather than to compromise it. Managing network traffic relates to monitoring and controlling the flow of data across a network instead of gaining unauthorized access to credentials. Thus, the focus of a brute-force attack is squarely on the unauthorized retrieval of credentials.