ExpertHard1 markMultiple Choice
CPA · Question 17 · Area II: Security
An attacker sends an email to the HR department with an attachment named 'Payroll_Update.exe' that looks like a PDF icon. When clicked, it installs software that logs keystrokes. Which stage of the cyber-attack lifecycle does the 'clicking of the attachment' represent?
An attacker sends an email to the HR department with an attachment named 'Payroll_Update.exe' that looks like a PDF icon. When clicked, it installs software that logs keystrokes. Which stage of the cyber-attack lifecycle does the 'clicking of the attachment' represent?
Answer options:
A.
Reconnaissance
B.
Delivery / Execution
C.
Command and Control
D.
Actions on Objectives
How to approach this question
Map the action to the Kill Chain. Clicking = Running the code = Execution.
Full Answer
B.Delivery / Execution✓ Correct
Delivery / Execution
This represents the Delivery (getting the weapon to the target) and Execution (running the malicious code) phases of a cyber attack.
Common mistakes
Confusing the initial infection with the later stages like Command and Control.
Practice the full CPA ISC Practice Exam 4
82 questions · hints · full answers · grading
More questions from this exam
Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...HardQ02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...HardQ03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...HardQ04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...HardQ05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard