nerdexam
(ISC)2

CISSP · Question #374

Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?

The correct answer is A. Watering hole. A watering hole attack is a type of attack that targets a specific group of users by compromising a website that they frequently visit. The attacker then uses the compromised website to deliver malware or exploit code to the visitors, hoping to infect their systems and gain acces

Submitted by tyler.j· Mar 5, 2026Security and Risk Management

Question

Which of the following attacks is dependent upon the compromise of a secondary target in order to reach the primary target?

Options

  • AWatering hole
  • BBrute force
  • CSpear phishing
  • DAddress Resolution Protocol (ARP) poisoning

How the community answered

(54 responses)
  • A
    89% (48)
  • B
    2% (1)
  • C
    4% (2)
  • D
    6% (3)

Explanation

A watering hole attack is a type of attack that targets a specific group of users by compromising a website that they frequently visit. The attacker then uses the compromised website to deliver malware or exploit code to the visitors, hoping to infect their systems and gain access to their networks or data. A watering hole attack is dependent upon the compromise of a secondary target (the website) in order to reach the primary target (the users). A brute force attack, a spear phishing attack, and an Address Resolution Protocol (ARP) poisoning attack are not dependent on compromising a secondary target.

Topics

#Watering hole attack#Attack vectors#Threats#Social engineering

Community Discussion

No community discussion yet for this question.

Full CISSP Practice