nerdexam
CompTIA

SY0-301 · Question #323

Which of the following attacks targets high level executives to gain company information?

The correct answer is B. Whaling. Whaling is a targeted spear-phishing attack aimed exclusively at high-level executives to obtain sensitive company data or authorize fraudulent transactions.

Threats, vulnerabilities, and mitigations

Question

Which of the following attacks targets high level executives to gain company information?

Options

  • APhishing
  • BWhaling
  • CVishing
  • DSpoofing

How the community answered

(38 responses)
  • B
    95% (36)
  • C
    3% (1)
  • D
    3% (1)

Why each option

Whaling is a targeted spear-phishing attack aimed exclusively at high-level executives to obtain sensitive company data or authorize fraudulent transactions.

APhishing

Phishing targets a broad or general audience rather than being specifically directed at high-level executives.

BWhalingCorrect

Whaling focuses on 'big fish' - senior executives such as CEOs or CFOs - who have privileged access to sensitive corporate data and financial authority. Because targets are high-value individuals, whaling attacks are highly customized and researched to appear legitimate, often mimicking legal subpoenas or board communications. The goal is typically to steal credentials, extract confidential data, or initiate fraudulent wire transfers.

CVishing

Vishing uses voice calls as the attack vector and is not defined by the seniority or role of its targets.

DSpoofing

Spoofing involves forging an identity such as an IP address or email sender and is not specifically a campaign targeting executives.

Concept tested: Whaling phishing attack targeting executives

Source: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks

Topics

#whaling#social engineering#spear phishing#executive targeting

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice