In which attack type do attackers use stolen credentials to gain access?

The correct answer involves recognizing that attackers often utilize stolen credentials to infiltrate systems and gain access to sensitive information. In the context of the options provided, the scenario described fits best with physical attacks, where unauthorized individuals may use obtained login details to bypass security measures directly at a location or system.

Physical attacks generally refer to when attackers exploit a physical space, like an office or data center, to access computer terminals. In this scenario, possessing stolen credentials enables them to bypass various security layers that would otherwise restrict access to authorized users. This tactic emphasizes the importance of securing physical access to systems, as well as monitoring for unusual login events that could indicate credential misuse.

Other options, such as piggybacking, pretexting, and watering hole attacks, describe different methods of attack where the misuse of credentials is not the primary mechanism. Piggybacking typically refers to gaining unauthorized access by following someone authorized, pretexting involves creating a fabricated story to extract information, and watering hole attacks involve compromising a target's trusted websites to deliver infections. These methods do not centrally revolve around using stolen credentials for access—hence, they do not align with the scenario presented in the question.