Hard · 1 mark · Multiple Choice
CPA · Question 38 · Area II: Security
Which of the following scenarios describes a 'Phishing' attack?
Answer options:
A. An attacker floods a web server with traffic to take it offline.
B. An employee receives an email appearing to be from the IT helpdesk asking them to reset their password via a link.
C. An attacker injects malicious SQL code into a login form.
D. An attacker intercepts Wi-Fi traffic at a coffee shop.
How to approach this question
Phishing = Email/Message pretending to be someone else to steal info.
Full Answer
B. An employee receives an email appearing to be from the IT helpdesk asking them to reset their password via a link. ✓ Correct
Phishing is a form of social engineering where attackers deceive users into revealing sensitive information (like passwords) by masquerading as a trustworthy entity in an electronic communication.
Common mistakes
Confusing Phishing with other attacks.
Practice the full CPA ISC Practice Exam 4