312-50V9 · Question #484
312-50V9 Question #484: Real Exam Question with Answer & Explanation
The correct answer is A: Watering Hole Attack. Watering Hole is a computer attack strategy, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member o
Question
Options
- AWatering Hole Attack
- BHeartbleed Attack
- CShellshock Attack
- DSpear Phising Attack
Explanation
Watering Hole is a computer attack strategy, in which the victim is a particular group (organization, industry, or region). In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member of the targeted group gets infected. Incorrect Answers: B: Heartbleed is a security bug disclosed in April 2014 in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. It results from improper input validation (due to a missing bounds check) in the implementation of the TLS heartbeat extension, thus the bug's name derives from C: Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell, the first of which was disclosed on 24 September 2014. Many Internet-facing services, such as some web server deployments, use Bash to process certain requests, allowing an attacker to cause vulnerable versions of Bash to execute arbitrary commands. This can allow an attacker to gain unauthorized access to a computer system. D: Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. https://en.wikipedia.org/wiki/Watering_Hole
Community Discussion
No community discussion yet for this question.