CompTIA Security+ (SY0-601) — Question 189

An attacker replaces a digitally signed document with another version that goes unnoticed. Upon reviewing the document’s contents, the author notices some additional verbiage that was not originally in the document but cannot validate an integrity issue. Which of the following attacks was used?

Answer options

• A. Cryptomalware
• B. Hash substitution
• C. Collision
• D. Phishing

Correct answer: C

Explanation

The correct answer is C, Collision, as it refers to a situation where two different inputs produce the same hash value, allowing an attacker to replace the original document with a modified one that passes integrity checks. Options A, B, and D do not apply here; Cryptomalware is malware that encrypts files, Hash substitution involves replacing a hash, and Phishing is a social engineering attack that targets user credentials, none of which relate to the scenario described.