Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Identify the malware distribution technique used when an attacker exploits browser flaws to install malware on user systems.

Phishing
Drive-by Downloads
Malvertising
Ransomware

The correct answer is: Drive-by Downloads

Drive-by downloads are a malware distribution technique where an attacker exploits vulnerabilities in a user's web browser or plugins to automatically install malware without the user's consent or knowledge. This technique commonly occurs when a user visits a compromised or malicious website that has been designed to take advantage of these vulnerabilities. When the browser accesses the site, the malicious code can exploit security flaws to download and execute malware on the user's device. This type of attack often does not require any user interaction other than visiting the compromised page, making it particularly insidious and difficult to defend against. In contrast, other techniques such as phishing involve socially engineered emails to trick users into providing sensitive information or downloading malware by clicking on deceptive links. Malvertising refers to the use of online advertisements to deliver malware, which may involve interactions from users but does not specifically focus on exploiting browser flaws. Ransomware is a type of malware that encrypts files on a system and demands payment, which can be distributed using a variety of methods, including drive-by downloads, but it is a specific end goal rather than a distribution mechanism.