Exam SY0-701 topic 1 question 507 discussion

The correct answer is: A. Impersonation Explanation: Impersonation refers to an attack where a malicious actor pretends to be someone else, typically by mimicking a legitimate website, email address, or service. In this scenario, the users are accessing emails through a duplicate site that is not controlled by the company, which indicates that the attacker is impersonating the company’s legitimate email platform to deceive users.

Bad question by CompTIA. A & B are correct, theoretically. Impersonation (as part of pharming) "is an attack in which a request for a website, typically an e-commerce site, is redirected to a similar-looking, but fake, website." (Sec+ Student Guide). Depending from the source is pharming a sub category of phishing. Even the Sec+ Student Guide states: "Phishing and pharming both depend on impersonation to succeed. ..." I guess, what CompTIA wanted to test, is if we understand the difference between phishing, smishing, vishing, and pharming. That's why Igo with A.

The answer is not impersonation, because impersonation refers to: More about pretending to be someone Usually person-to-person deception Doesn't typically involve duplicate sites

Why not C: impersonation refers to pretending to be someone else, but does not necessarily imply a fake site. So, i think the correct answer is phishing

The correct answer is C. Phishing. Phishing involves creating a fake website or email that mimics a legitimate one to trick users into providing sensitive information, such as login credentials. In this scenario, users are accessing emails through a duplicate site that is not run by the company, which is a classic example of phishing.

Impersonation, no reference to social engineering email, text, or call. Simply a website that is impersonating another.

this is the explanation of Impersonation