Which two steps should be completed for almost all password attacks?
1) Brute force attack and dictionary attack
2) Phishing and social engineering
3) Rainbow table attack and keylogger attack
4) Shoulder surfing and malware attack