Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 232

A user received a suspicious email and reported it to the SOC team. After analysis, the team concluded that it was a spear phishing attack. According to the Diamond Model, how is the phishing email categorized?

Answer options

• A. capability
• B. infrastructure
• C. adversary
• D. victim

Correct answer: A

Explanation

The correct answer is A, capability, because spear phishing attacks demonstrate the ability of an adversary to craft deceptive emails that can manipulate victims. The other options do not apply: infrastructure refers to the systems used in attacks, adversary is the attacker, and victim is the target of the attack.