CompTIA Security+ (SY0-501) — Question 985

Before an infection was detected, several of the infected devices attempted to access a URL that was similar to the company name but with two letters transposed. Which of the following BEST describes the attack vector used to infect the devices?

Answer options

• A. Cross-site scripting
• B. DNS poisoning
• C. Typo squatting
• D. URL hijacking

Correct answer: C

Explanation

The correct answer is C, as typo squatting involves creating domains that are misspellings or variations of legitimate websites to capture unsuspecting users. Options A and B do not describe this specific scenario, as cross-site scripting refers to injecting scripts into web pages and DNS poisoning involves altering DNS records. Option D, URL hijacking, implies taking control of a legitimate URL, which is not the case here.