Certified Threat Intelligence Analyst (CTIA) — Question 44

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

Answer options

• A. Active online attack
• B. Zero-day attack
• C. Distributed network attack
• D. Advanced persistent attack

Correct answer: B

Explanation

A Zero-day attack targets vulnerabilities that are unknown to the software vendor, allowing attackers to exploit them before a patch is released. In contrast, an Active online attack involves direct interaction with a system, a Distributed network attack typically refers to attacks using multiple compromised systems, and an Advanced persistent attack is a long-term targeted strategy, rather than a quick exploitation of unpatched vulnerabilities.