PrepAway - Latest Free Exam Questions & Answers

Which of the following BEST describes this exploit?

A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has been created for a
frequently used application. She notifies the software vendor and asks them for remediation steps, but is
alarmed to find that no patches are available to mitigate this vulnerability.
Which of the following BEST describes this exploit?

PrepAway - Latest Free Exam Questions & Answers

A.
Malicious insider threat

B.
Zero-day

C.
Client-side attack

D.
Malicious add-on

Explanation:
A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then
exploited by hackers before the vendor becomes aware and hurries to fix it—this exploit is called a zero-day
attack. Uses of zero day attacks can include infiltrating malware, spyware or allowing unwanted access to user
information. The term “zero day” refers to the unknown nature of the hole to those outside of the hackers,
specifically, the developers. Once the vulnerability becomes known, a race begins for the developer, who must
protect users.
In this question, there are no patches are available to mitigate the vulnerability. This is therefore a zero-day
vulnerability.

PrepAway - Latest Free Exam Questions & Answers

Leave a Reply