CERTIFIED-IN-CYBERSECURITY · Question #335
CERTIFIED-IN-CYBERSECURITY Question #335: Real Exam Question with Answer & Explanation
The correct answer is B: A phishing email that tricks users into revealing their passwords. A phishing email is an example of a threat vector, as it is a specific method used by an attacker to gain unauthorized access to a system or network, often by tricking users into providing sensitive information, such as their passwords or login credentials (see ISC2 Study Guide,
Question
Which of the following is an example of a threat vector?
Options
- AA software bug that allows unauthorized access to a system
- BA phishing email that tricks users into revealing their passwords
- CA criminal hacking group targeting a specific organization
- DA natural disaster that could damage a data center
Explanation
A phishing email is an example of a threat vector, as it is a specific method used by an attacker to gain unauthorized access to a system or network, often by tricking users into providing sensitive information, such as their passwords or login credentials (see ISC2 Study Guide, Module 2, under Threats). A software bug that allows unauthorized access to a system is an example of a vulnerability, not a threat vector. A criminal hacking group targeting a specific organization is an example of a threat actor, not a threat vector. A natural disaster that could damage a data center is an example of a risk, not a threat vector.
Topics
Community Discussion
No community discussion yet for this question.