nerdexam
GIAC

GCIH · Question #796

What is a common characteristic of both a watering hole attack and a drive-by attack?

The correct answer is A. Targets a browser or files associated with the browser. Both watering hole and drive-by attacks share the characteristic of exploiting browser vulnerabilities to silently compromise victims who visit malicious or compromised web pages.

Web Application Attacks & Post-Exploitation

Question

What is a common characteristic of both a watering hole attack and a drive-by attack?

Options

  • ATargets a browser or files associated with the browser
  • BTargets a specific vertical industry or organization
  • CThe attacker uses customized exploits, not off-the-shelf exploits
  • DThe attack is based on server-side request forgery, not cross site request forgery

How the community answered

(35 responses)
  • A
    77% (27)
  • B
    6% (2)
  • C
    14% (5)
  • D
    3% (1)

Why each option

Both watering hole and drive-by attacks share the characteristic of exploiting browser vulnerabilities to silently compromise victims who visit malicious or compromised web pages.

ATargets a browser or files associated with the browserCorrect

Both attack types use the victim's web browser or browser-associated components (plugins, JavaScript engines, document renderers) as the primary exploitation surface. In both cases the victim is compromised simply by visiting a web page, with no additional user interaction required, making browser targeting the defining shared mechanism.

BTargets a specific vertical industry or organization

Watering hole attacks do target specific industries or groups, but drive-by attacks are broadly opportunistic and are not aimed at any particular vertical or organization.

CThe attacker uses customized exploits, not off-the-shelf exploits

Both attack types commonly rely on publicly available exploit kits and off-the-shelf vulnerabilities rather than requiring the attacker to develop custom exploits.

DThe attack is based on server-side request forgery, not cross site request forgery

Neither attack type is based on server-side request forgery - both rely on client-side browser exploitation triggered when the victim loads a malicious page.

Concept tested: Browser-based web attack delivery mechanisms

Source: https://attack.mitre.org/techniques/T1189/

Topics

#watering hole attack#drive-by download#browser exploitation#client-side attacks

Community Discussion

No community discussion yet for this question.

Full GCIH Practice