SY0-701 · Question #597
SY0-701 Question #597: Real Exam Question with Answer & Explanation
The correct answer is A: Spear-phishing attachment. Opening a resume received in a message is the definitive red flag - a malicious file delivered via targeted message is the textbook definition of a spear-phishing attachment, where "spear" indicates the attack was aimed at a specific individual rather than sent in bulk. B (Wateri
Question
A user's workstation becomes unresponsive and displays a ransom note demanding payment to decrypt files. Before the attack, the user opened a resume they received in a message, browsed the company's website, and installed OS updates. Which of the following is the most likely vector of this attack?
Options
- ASpear-phishing attachment
- BWatering hole
- CInfected website
- DTyposquatting
Explanation
Opening a resume received in a message is the definitive red flag - a malicious file delivered via targeted message is the textbook definition of a spear-phishing attachment, where "spear" indicates the attack was aimed at a specific individual rather than sent in bulk. B (Watering hole) is wrong because that technique involves compromising a website the target organization is known to visit, not the company's own site - and nothing here suggests a third-party site was poisoned. C (Infected website) is similar but even less specific; browsing the company's own website is unlikely to deliver ransomware, and no anomalous site behavior is described. D (Typosquatting) requires the user to mistype a URL and land on a lookalike domain, which is not mentioned anywhere in the scenario.
Memory tip: Spear = specific + attachment. If someone sent you a file and you opened it, think spear-phishing. The "spear" reminds you it's targeted (vs. broad phishing blasts), and the file is the weapon.
Topics
Community Discussion
No community discussion yet for this question.