nerdexam
EC-Council

312-50V10 · Question #207

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is th

The correct answer is B. In a pharming attack a victim is redirected to a fake website by modifying their host configuration. Pharming redirects victims to fraudulent sites through technical host-configuration manipulation such as DNS poisoning or hosts file modification, whereas phishing uses deceptive messages to lure users into visiting fake sites.

Social Engineering

Question

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

Options

  • ABoth pharming and phishing attacks are identical.
  • BIn a pharming attack a victim is redirected to a fake website by modifying their host configuration
  • CIn a phishing attack a victim is redirected to a fake website by modifying their host configuration
  • DBoth pharming and phishing attacks are purely technical and are not considered forms of social

How the community answered

(34 responses)
  • A
    3% (1)
  • B
    88% (30)
  • C
    3% (1)
  • D
    6% (2)

Why each option

Pharming redirects victims to fraudulent sites through technical host-configuration manipulation such as DNS poisoning or hosts file modification, whereas phishing uses deceptive messages to lure users into visiting fake sites.

ABoth pharming and phishing attacks are identical.

Pharming and phishing are distinct attack types - pharming uses technical DNS or hosts-file manipulation while phishing relies on social engineering via deceptive emails or messages.

BIn a pharming attack a victim is redirected to a fake website by modifying their host configurationCorrect

In a pharming attack the attacker poisons DNS records or modifies the victim's local hosts file so that a legitimate domain name silently resolves to a malicious IP address. The victim types a valid URL yet is transparently delivered to a fraudulent site, requiring no deceptive link or user click error. This silent technical redirection is the defining characteristic that separates pharming from phishing.

CIn a phishing attack a victim is redirected to a fake website by modifying their host configuration

It is pharming, not phishing, that redirects victims through host-configuration modification - phishing depends on deceptive communications to trick users into following malicious links voluntarily.

DBoth pharming and phishing attacks are purely technical and are not considered forms of social

Phishing is explicitly a social engineering technique that manipulates user behavior through deceptive messages, so characterizing both attacks as purely technical is factually incorrect.

Concept tested: Difference between pharming and phishing attack vectors

Source: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks

Topics

#pharming#phishing#host file poisoning#DNS redirection

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice