What is credential spraying and why is it preferred over traditional brute-force in Active Directory environments?
-
A
Testing one password against all users avoids account lockout policies that trigger after multiple failed attempts per account
-
B
It is faster than brute-force because it uses GPU acceleration
-
C
It bypasses network firewalls by distributing attack traffic
-
D
It only requires one network packet per attempt, reducing bandwidth