CompTIA PenTest+ (PT0-001) — Question 133

An attacker uses SET to make a copy of a company's cloud-hosted web mail portal and sends an email in hopes the Chief Executive Officer (CEO) logs in to obtain the CEO's login credentials. Which of the following types of attacks is this an example of?

Answer options

• A. Elicitation attack
• B. Impersonation attack
• C. Spear phishing attack
• D. Drive-by download attack

Correct answer: A

Explanation

The correct answer is A, as the attacker's goal is to extract sensitive information from the CEO through deceptive means. Options B, C, and D describe different attack methods that do not specifically focus on eliciting information from a target by impersonating a legitimate entity.