CompTIA Security+ (SY0-501) — Question 205

An attacker discovers a new vulnerability in an enterprise application. The attacker takes advantage of the vulnerability by developing new malware. After installing the malware, the attacker is provided with access to the infected machine.
Which of the following is being described?

Answer options

• A. Zero-day exploit
• B. Remote code execution
• C. Session hijacking
• D. Command injection

Correct answer: A

Explanation

The correct answer is A, Zero-day exploit, as it refers to the exploitation of a recently discovered vulnerability before it has been patched. The other options, such as Remote code execution, Session hijacking, and Command injection, describe different types of attacks that do not specifically relate to exploiting a new vulnerability in this context.