Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CrowdStrike Exam CCFH-202 Topic 7 Question 26 Discussion

Actual exam question for CrowdStrike's CCFH-202 exam
Question #: 26
Topic #: 7
[All CCFH-202 Questions]

Refer to Exhibit.

What type of attack would this process tree indicate?

Show Suggested Answer Hide Answer
Suggested Answer: C

This process tree indicates a phishing attack, as it shows a user opening an email attachment (outlook.exe) that launches a malicious macro (cmd.exe) that downloads and executes a payload (powershell.exe) that connects to a remote server (svchost.exe). A phishing attack is a type of social engineering attack that uses deceptive emails or messages to trick users into opening malicious attachments or links that can compromise their systems or credentials.


by Tracey at Aug 26, 2024, 05:04 PM

Limited Time Offer

25%

Off

Get Premium CCFH-202 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ashlyn
8 months ago
I think it's a man-in-the-middle attack, based on the pattern of activity.
upvoted 0 times
...
Clorinda
8 months ago
I'm not sure, it could also be a web application attack.
upvoted 0 times
...
Roy
8 months ago
Come on, it's so obvious. This is a Web Application Attack, probably trying to exploit some vulnerability in the site.
upvoted 0 times
...
Brigette
8 months ago
Pfft, you guys are way off. This is clearly a Phishing Attack - they're trying to lure the user into entering their credentials.
upvoted 0 times
...
Jina
8 months ago
I agree with Chi, the process tree looks suspicious.
upvoted 0 times
...
Chi
8 months ago
I think it's a phishing attack.
upvoted 0 times
...
Karima
8 months ago
Nah, this is a classic Man-in-the-middle Attack. Intercepting the connection and doing who knows what!
upvoted 0 times
Tuyet
7 months ago
We should be careful with our online activities to avoid falling victim to such attacks.
upvoted 0 times
...
Albina
7 months ago
Yeah, definitely looks like someone is intercepting the connection.
upvoted 0 times
...
Tyisha
7 months ago
Yeah, definitely looks like someone is intercepting the connection.
upvoted 0 times
...
Carlee
7 months ago
I think you're right, it does look like a Man-in-the-middle Attack.
upvoted 0 times
...
Alex
7 months ago
I think you're right, it does look like a Man-in-the-middle Attack.
upvoted 0 times
...
...
Jennifer
8 months ago
This is definitely a Brute Forcing Attack. Look at all those processes trying to guess the password!
upvoted 0 times
Cruz
7 months ago
A) Brute Forcing Attack
upvoted 0 times
...
Georgene
7 months ago
No way, it's definitely a Brute Forcing Attack. Look at all those processes trying to guess the password!
upvoted 0 times
...
Felicia
7 months ago
C) Phishing Attack
upvoted 0 times
...
Matthew
8 months ago
I agree, the process tree does indicate a Brute Forcing Attack.
upvoted 0 times
...
Serita
8 months ago
A) Brute Forcing Attack
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77