CompTIA Security+ SY0-601 – Question505

A customer called a company's security team to report that all invoices the customer has received over the last
five days from the company appear to have fraudulent banking details. An investigation into the matter reveals
the following:
The manager of the accounts payable department is using the same password across multiple external
websites and the corporate account.
One of the websites the manager used recently experienced a data breach.
The manager's corporate email account was successfully accessed in the last five days by an IP address
located in a foreign country.
Which of the following attacks has most likely been used to compromise the manager's corporate account?


A.
Remote access Trojan
B. Brute-force
C. Dictionary
D. Credential stuffing
E. Password spraying

Correct Answer: D