🛡️ Free practice test question from: threat vectors (Security+)

A watering hole attack is a targeted cybersecurity threat where an attacker identifies and compromises websites that are commonly used by a specific group of people, such as employees of a particular organization, members of an industry, or people with a shared interest. The goal is to strategically place malware on these sites, which will then infect the devices of the targeted group when they visit the compromised website, much like predators waiting near a watering hole to ambush their prey.

The term "watering hole attack" is a metaphorical reference to how predators in the wild hunt their prey. In nature, predators will wait near water sources (watering holes) that animals must visit to drink, knowing that their potential victims will eventually come to these essential locations.

The other options describe different types of cyber attacks:

A) Describes phishing

C) Describes brute force password attacks

D) Describes a man-in-the-middle attack