SY0-301 · Question #790
The business has an established relationship with an organization using the URL of following would BEST describe this type of attack?
The correct answer is A. Typo squatting. Typo squatting (also called URL hijacking) is an attack where a threat actor registers a domain name that is a common misspelling or slight variation of a legitimate, trusted URL (e.g., 'gooogle.com' instead of 'google.com'). Because the business has a known relationship with the
Question
The business has an established relationship with an organization using the URL of following would BEST describe this type of attack?
Options
- ATypo squatting
- BSession hijacking
- CCross-site scripting
- DSpear phishing
How the community answered
(46 responses)- A87% (40)
- B4% (2)
- C2% (1)
- D7% (3)
Explanation
Typo squatting (also called URL hijacking) is an attack where a threat actor registers a domain name that is a common misspelling or slight variation of a legitimate, trusted URL (e.g., 'gooogle.com' instead of 'google.com'). Because the business has a known relationship with the legitimate organization, users are likely to visit that URL regularly. If an employee or customer mistypes the URL, they land on the attacker's malicious site instead. This exploits familiarity and human error. Session hijacking (B) involves stealing an active session token. Cross-site scripting (C) injects malicious scripts into web pages. Spear phishing (D) is a targeted email attack - none of these describe registering a fake lookalike domain.
Topics
Community Discussion
No community discussion yet for this question.