What is a "brute force" attack?

A "brute force" attack is characterized by an attacker systematically attempting numerous combinations of passwords or encryption keys until the correct one is found. This method relies on computational power to generate and test each possible combination, making it a straightforward yet often effective strategy to bypass authentication mechanisms.

The reason this option is the correct one is that brute force attacks do not depend on outside knowledge of system vulnerabilities or on exploiting system flaws; instead, they leverage sheer guessing power. The only requirements are the attacker's computational resources and time, as they can automate and execute these attempts without needing sophisticated planning or social engineering tactics.

In contrast, other attack methods mentioned do not align with the definition of a brute force attack. Overloading server capacity refers to denial-of-service attacks, while using automated scripts to exploit known vulnerabilities involves more targeted approaches, such as exploiting software weaknesses. Phishing and social engineering concentrate on human factors and deception rather than attempting to break security purely through password guessing. Thus, understanding the nature of brute force attacks emphasizes the importance of strong password policies and account lockout mechanisms to mitigate such threats.