Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What type of attack was Jerry's investigation focused on when credentials were stolen by an attacker?

OS-based attack
Browser-based attack
Network-based attack
Application-based attack

The correct answer is: Browser-based attack

The focus on a browser-based attack in this scenario is particularly relevant when considering how credentials are typically stolen. In a browser-based attack, attackers employ various methods such as phishing, drive-by downloads, or exploiting vulnerabilities in web applications to trick users into providing their login information. When credentials are stolen, it often involves the attacker gaining access to users' information without needing to compromise their operating system directly or infiltrate the network layer. Instead, the attack happens within the context of a web browser, where users are often prompted to enter their credentials. This makes it a prime vector for credential theft, as browsers frequently facilitate user interactions with various applications and services online. Additionally, browser-based attacks take advantage of the fact that users frequently trust their browsers to handle sensitive information securely, making it easier for attackers to manipulate them into revealing credentials or personal data through social engineering techniques and malicious websites. Therefore, focusing on a browser-based attack aligns well with the context of credential theft in this investigation.