An impersonation attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

An impersonation attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website.

Explanation:
Pharming is an impersonation attack where traffic intended for a legitimate website is redirected to a fraudulent site that looks the same. This can happen when DNS records are poisoned or when malware alters a device’s or router’s DNS settings, so even if you type the correct address, you end up at a clone of the site. The goal is to make users unknowingly enter sensitive information, such as login credentials or payment details, on the fake site. This fits the scenario because the request for a site, like an e-commerce page, is redirected to a similar-looking but fake site, rather than the user simply mistyping a URL or a different mechanism being used. Watering hole attacks involve compromising sites that a target group visits to deliver malware, not directly impersonating a specific site at the moment of access. Typosquatting relies on users landing on a misspelled domain they type or click, which is a different path to deception. Business email compromise targets financial responses through fraudulent emails, not website redirection.

Pharming is an impersonation attack where traffic intended for a legitimate website is redirected to a fraudulent site that looks the same. This can happen when DNS records are poisoned or when malware alters a device’s or router’s DNS settings, so even if you type the correct address, you end up at a clone of the site. The goal is to make users unknowingly enter sensitive information, such as login credentials or payment details, on the fake site.

This fits the scenario because the request for a site, like an e-commerce page, is redirected to a similar-looking but fake site, rather than the user simply mistyping a URL or a different mechanism being used. Watering hole attacks involve compromising sites that a target group visits to deliver malware, not directly impersonating a specific site at the moment of access. Typosquatting relies on users landing on a misspelled domain they type or click, which is a different path to deception. Business email compromise targets financial responses through fraudulent emails, not website redirection.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy