Microsoft 365 Messaging — Question 120

You have a Microsoft Exchange Online tenant that uses Microsoft 365 Defender.

You plan to use Attack simulation training to simulate the following attack against users:

• Send an email message that contains a URL.
• If the users click the URL, redirect them to a website that requests a username and password.

Which technique should you use for the simulation?

Answer options

• A. Link to Malware
• B. Drive-by URL
• C. Credential Harvest
• D. Malware Attachment

Correct answer: C

Explanation

The correct answer is C, Credential Harvest, as it accurately describes the process of tricking users into providing their login information through a deceptive website. The other options do not specifically focus on collecting credentials: A involves malicious software links, B refers to automatic exploitation of vulnerabilities via URLs, and D deals with harmful attachments rather than phishing for credentials.