312-50V12 Question #305: Real Exam Question with Answer & Explanation

Question

Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

Options

• AHMI-based attack
• BSMishing attack
• CReconnaissance attack
• DSpear-phishing attack

Explanation

The attack involved Stephen sending a targeted, fraudulent email with a malicious attachment to specific employees of an organization, leading to malware injection and damage to industrial systems.

Common mistakes.

• A. An HMI-based attack involves exploiting vulnerabilities in Human-Machine Interfaces used to control industrial systems directly, which is distinct from an email-based initial compromise.
• B. SMishing refers to phishing attacks conducted specifically via SMS text messages, while the scenario clearly states that a 'fraudulent email' was used.
• C. Reconnaissance is the initial phase of gathering information about a target before an attack, not the execution phase involving sending malicious emails and injecting malware.

Concept tested. Identifying spear-phishing attacks in industrial control systems

Reference. https://learn.microsoft.com/en-us/microsoft-365/security/defender/phishing-scams-how-to-recognize-them-and-stay-safe?view=o365-worldwide

No community discussion yet for this question.