GCIH · Question #796
What is a common characteristic of both a watering hole attack and a drive-by attack?
The correct answer is A. Targets a browser or files associated with the browser. Both watering hole and drive-by attacks share the characteristic of exploiting browser vulnerabilities to silently compromise victims who visit malicious or compromised web pages.
Question
What is a common characteristic of both a watering hole attack and a drive-by attack?
Options
- ATargets a browser or files associated with the browser
- BTargets a specific vertical industry or organization
- CThe attacker uses customized exploits, not off-the-shelf exploits
- DThe attack is based on server-side request forgery, not cross site request forgery
How the community answered
(35 responses)- A77% (27)
- B6% (2)
- C14% (5)
- D3% (1)
Why each option
Both watering hole and drive-by attacks share the characteristic of exploiting browser vulnerabilities to silently compromise victims who visit malicious or compromised web pages.
Both attack types use the victim's web browser or browser-associated components (plugins, JavaScript engines, document renderers) as the primary exploitation surface. In both cases the victim is compromised simply by visiting a web page, with no additional user interaction required, making browser targeting the defining shared mechanism.
Watering hole attacks do target specific industries or groups, but drive-by attacks are broadly opportunistic and are not aimed at any particular vertical or organization.
Both attack types commonly rely on publicly available exploit kits and off-the-shelf vulnerabilities rather than requiring the attacker to develop custom exploits.
Neither attack type is based on server-side request forgery - both rely on client-side browser exploitation triggered when the victim loads a malicious page.
Concept tested: Browser-based web attack delivery mechanisms
Source: https://attack.mitre.org/techniques/T1189/
Topics
Community Discussion
No community discussion yet for this question.