PT0-002 Question #455: Real Exam Question with Answer & Explanation

The correct answer is B: Watering hole. A watering hole attack involves compromising a website that is frequently visited by the target organization or group. By gaining control of the internal web server hosting the IT knowledge base, a penetration tester could modify the content or introduce malicious code that would

Post-exploitation and lateral movement

Question

A penetration tester managed to get control of an internal web server that is hosting the IT knowledge base. Which of the following attacks should the penetration tester attempt next?

Options

AVishing
BWatering hole
CWhaling
DSpear phishing

Explanation

A watering hole attack involves compromising a website that is frequently visited by the target organization or group. By gaining control of the internal web server hosting the IT knowledge base, a penetration tester could modify the content or introduce malicious code that would be downloaded or executed by employees who visit the site. This type of attack is effective because it leverages a trusted resource within the organization to spread malware or capture sensitive

Topics

#Post-exploitation#Lateral movement#Watering hole attack#Penetration testing techniques

Community Discussion

No community discussion yet for this question.

Full PT0-002 Practice Browse All PT0-002 Questions