Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Cisco Exam 200-201 Topic 4 Question 81 Discussion

Actual exam question for Cisco's 200-201 exam
Question #: 81
Topic #: 4
[All 200-201 Questions]

A cyberattacker notices a security flaw in a software that a company is using They decide to tailor a specific worm to exploit this flaw and extract saved passwords from the software To which category of the Cyber Kill Cham model does this event belong?

Show Suggested Answer Hide Answer
Suggested Answer: C

Contribute your Thoughts:

Dion
6 months ago
That's true, but weaponization seems more fitting since they are creating a weapon to attack the system.
upvoted 0 times
...
Malcom
6 months ago
I believe it could also fall under exploitation, as they are exploiting the security flaw.
upvoted 0 times
...
Lai
7 months ago
I agree with Dion, because the cyberattacker is tailoring a worm to extract passwords.
upvoted 0 times
...
Dion
7 months ago
I think the event belongs to weaponization.
upvoted 0 times
...
Lenora
7 months ago
I see your point, Rene. It could be categorized under both weaponization and exploitation.
upvoted 0 times
...
Rene
7 months ago
But wouldn't this also be considered exploitation since they are extracting passwords from the software?
upvoted 0 times
...
Stevie
7 months ago
I agree with Renea. The cyberattacker is creating a weaponized worm to exploit the security flaw.
upvoted 0 times
...
Renea
7 months ago
I think this event falls under the weaponization category.
upvoted 0 times
...
Leslee
8 months ago
I'm with Coletta on this one. Exploiting the vulnerability to extract the passwords feels like the exploitation stage to me. Though I do see the arguments for reconnaissance and weaponization as well.
upvoted 0 times
Elsa
7 months ago
Absolutely, cybersecurity is constantly evolving to combat these types of attacks.
upvoted 0 times
...
Karon
8 months ago
Yes, regardless of which stage it falls under, it's a serious security threat that needs to be addressed.
upvoted 0 times
...
Tamala
8 months ago
I think we can all agree that it involves multiple stages of the Cyber Kill Chain model.
upvoted 0 times
...
Johnna
8 months ago
I see your point. It's definitely a tricky situation to categorize.
upvoted 0 times
...
Allene
8 months ago
That's true, but I think the main goal is to extract the passwords, so exploitation makes more sense.
upvoted 0 times
...
Vincenza
8 months ago
But couldn't this also fall under weaponization? They are creating a specific worm tailored to exploit the flaw.
upvoted 0 times
...
Tegan
8 months ago
I agree with you, it does seem like exploitation to me as well.
upvoted 0 times
...
...
Marti
8 months ago
What about delivery? The attacker is delivering a tailored worm to the target, right? That's gotta be part of the delivery stage, isn't it?
upvoted 0 times
...
Coletta
8 months ago
I'm leaning more towards the exploitation stage. The attacker is directly exploiting a known vulnerability in the software to extract the saved passwords. That seems like a clear-cut case of exploitation to me.
upvoted 0 times
...
Diego
8 months ago
Hmm, this seems like a tricky question. The attacker is clearly gathering information about the software flaw, which makes me think it's in the reconnaissance stage of the Cyber Kill Chain. But then they're tailoring a specific attack, which could be considered weaponization.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77