GCIH Question #678: Real Exam Question with Answer & Explanation
The correct answer is B: User's browser. Drive-by download attacks silently exploit vulnerabilities in the victim's web browser or its plugins, delivering malware when the victim simply visits a malicious or compromised webpage.
Question
What do drive-by attacks typically take advantage of when delivering exploits?
Options
- A. Server upload policy
- B. User's browser
- C. Old SSL version
- D. Weak passwords
Explanation
Drive-by download attacks silently exploit vulnerabilities in the victim's web browser or its plugins, delivering malware when the victim simply visits a malicious or compromised webpage.
Common mistakes.
- A. Server upload policies control what file types can be submitted to a server and play no role in the client-side exploit delivery mechanism used by drive-by attacks.
- C. Outdated SSL/TLS versions represent a transport-layer weakness exploited for traffic interception or protocol downgrade attacks, not for browser-based payload delivery.
- D. Weak passwords are an authentication attack surface and are unrelated to the browser vulnerability exploitation used as the delivery vector in drive-by campaigns.
Concept tested. Drive-by download attack delivery via browser exploitation
Reference. https://owasp.org/www-community/attacks/Drive-by_Download_Attacks