Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Cisco Exam 200-201 Topic 4 Question 81 Discussion

Actual exam question for Cisco's 200-201 exam
Question #: 81
Topic #: 4
[All 200-201 Questions]

A cyberattacker notices a security flaw in a software that a company is using They decide to tailor a specific worm to exploit this flaw and extract saved passwords from the software To which category of the Cyber Kill Cham model does this event belong?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Skye at Mar 08, 2024, 04:40 PM

Limited Time Offer

25%

Off

Get Premium 200-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Dion
10 months ago
That's true, but weaponization seems more fitting since they are creating a weapon to attack the system.
upvoted 0 times
...
Malcom
11 months ago
I believe it could also fall under exploitation, as they are exploiting the security flaw.
upvoted 0 times
...
Lai
11 months ago
I agree with Dion, because the cyberattacker is tailoring a worm to extract passwords.
upvoted 0 times
...
Dion
11 months ago
I think the event belongs to weaponization.
upvoted 0 times
...
Lenora
12 months ago
I see your point, Rene. It could be categorized under both weaponization and exploitation.
upvoted 0 times
...
Rene
12 months ago
But wouldn't this also be considered exploitation since they are extracting passwords from the software?
upvoted 0 times
...
Stevie
1 years ago
I agree with Renea. The cyberattacker is creating a weaponized worm to exploit the security flaw.
upvoted 0 times
...
Renea
1 years ago
I think this event falls under the weaponization category.
upvoted 0 times
...
Leslee
1 years ago
I'm with Coletta on this one. Exploiting the vulnerability to extract the passwords feels like the exploitation stage to me. Though I do see the arguments for reconnaissance and weaponization as well.
upvoted 0 times
Elsa
1 years ago
Absolutely, cybersecurity is constantly evolving to combat these types of attacks.
upvoted 0 times
...
Karon
1 years ago
Yes, regardless of which stage it falls under, it's a serious security threat that needs to be addressed.
upvoted 0 times
...
Tamala
1 years ago
I think we can all agree that it involves multiple stages of the Cyber Kill Chain model.
upvoted 0 times
...
Johnna
1 years ago
I see your point. It's definitely a tricky situation to categorize.
upvoted 0 times
...
Allene
1 years ago
That's true, but I think the main goal is to extract the passwords, so exploitation makes more sense.
upvoted 0 times
...
Vincenza
1 years ago
But couldn't this also fall under weaponization? They are creating a specific worm tailored to exploit the flaw.
upvoted 0 times
...
Tegan
1 years ago
I agree with you, it does seem like exploitation to me as well.
upvoted 0 times
...
...
Marti
1 years ago
What about delivery? The attacker is delivering a tailored worm to the target, right? That's gotta be part of the delivery stage, isn't it?
upvoted 0 times
...
Coletta
1 years ago
I'm leaning more towards the exploitation stage. The attacker is directly exploiting a known vulnerability in the software to extract the saved passwords. That seems like a clear-cut case of exploitation to me.
upvoted 0 times
...
Diego
1 years ago
Hmm, this seems like a tricky question. The attacker is clearly gathering information about the software flaw, which makes me think it's in the reconnaissance stage of the Cyber Kill Chain. But then they're tailoring a specific attack, which could be considered weaponization.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77