312-50V12 Question #3: Real Exam Question with Answer & Explanation

The correct answer is A: Watering hole attack. Joel identifies websites frequented by employees, compromises those sites with malicious scripts, and waits for victims to visit - a classic watering hole attack pattern.

Submitted by tom_us · Mar 4, 2026 · Fundamentals

Question

Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario?

Options

  • A. Watering hole attack
  • B. DNS rebinding attack
  • C. MarioNet attack
  • D. Clickjacking attack

Explanation

Joel identifies websites frequented by employees, compromises those sites with malicious scripts, and waits for victims to visit - a classic watering hole attack pattern.

Common mistakes.

  • B. DNS rebinding is an attack that manipulates DNS responses to bypass same-origin policy and allow malicious scripts to interact with internal network resources, which does not match the scenario of compromising a third-party website to deliver malware.
  • C. MarioNet is an attack that exploits browser Service Workers to maintain persistent control over a browser even after the user leaves a malicious page, which is not what is described in this scenario involving website injection and malware download.
  • D. Clickjacking involves overlaying invisible UI elements on a legitimate webpage to trick users into clicking something unintended, which is unrelated to Joel's method of injecting redirect scripts into websites frequented by target employees.

Concept tested. Watering hole attack technique and execution

Reference. https://www.cisa.gov/news-events/alerts/2017/02/15/enhanced-analysis-grizzly-steppe-activity

Topics

#Watering hole attack #Web application attacks #Malware delivery
