nerdexam
EC-Council

312-50V11 · Question #762

Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploi

The correct answer is D. Watering Hole Attack. A watering hole attack involves compromising websites that targeted victims are likely to visit, then using those sites to deliver exploits - often zero-days - to the intended targets.

Social Engineering

Question

Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well- known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?

Options

  • AHeartbeat Attack
  • BSpear Phishing Attack
  • CShellshock Attack
  • DWatering Hole Attack

How the community answered

(34 responses)
  • B
    3% (1)
  • C
    6% (2)
  • D
    91% (31)

Why each option

A watering hole attack involves compromising websites that targeted victims are likely to visit, then using those sites to deliver exploits - often zero-days - to the intended targets.

AHeartbeat Attack

A heartbeat attack refers to exploitation of the OpenSSL Heartbleed vulnerability (CVE-2014-0160), which allows reading of server memory - it is not a category of targeted website compromise.

BSpear Phishing Attack

Spear phishing is a targeted email-based social engineering attack directed at specific individuals, not a method involving compromising third-party websites.

CShellshock Attack

Shellshock refers to a specific Bash shell vulnerability (CVE-2014-6271) that allows remote command execution via crafted environment variables, not a website-based targeting strategy.

DWatering Hole AttackCorrect

A watering hole attack is defined by threat actors identifying and infecting trusted websites frequented by their intended victims rather than attacking victims directly. The scenario explicitly describes inserting exploits into well-known sites and leveraging zero-day vulnerabilities to minimize defenses. This indirect compromise strategy targeting a 'watering hole' that victims visit is the defining characteristic of this attack class.

Concept tested: Watering hole attack identification and characteristics

Source: https://attack.mitre.org/techniques/T1189/

Topics

#watering hole attack#zero-day exploit#drive-by download#targeted attack

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice