CERTIFIED-IN-CYBERSECURITY Question #378: Real Exam Question with Answer & Explanation
The correct answer is D: An attack that attempts to redirect legitimate users to malicious websites.
Question
Which of the following is a definition of phishing?
Options
- A. An attack that consumes network resources and prevents legitimate activity
- B. An attack that attempts to gain access to a system using a false identity
- C. An attack that inserts a program into a system to alter data
- D. An attack that attempts to redirect legitimate users to malicious websites
Explanation
Of the options provided, the most appropriate definition for phishing is an attack that attempts to redirect legitimate users to malicious Web sites (see ISC2 Study Guide, Chapter 5, Module 3). Phishing is a form of social engineering where attackers pose as trusted entities to trick individuals into revealing sensitive information, often by directing them to fraudulent websites. The other options do not accurately define phishing. An attack that attempts to gain access to a system using a false identity is more like a spoofing attack. An attack that consumes network resources and prevents legitimate activity is a typical description of a Denial of Service (DoS) attack. An attack that injects a program into a system to alter data is more typical of malware, such as a virus or worm.