exam questions

Exam PCNSA All Questions

View all questions & answers for the PCNSA exam

Exam PCNSA topic 1 question 26 discussion

Actual exam question from Palo Alto Networks's PCNSA
Question #: 26
Topic #: 1
[All PCNSA Questions]


At which stage of the Cyber-Attack Lifecycle would the attacker attach an infected PDF file to an email?

  • A. Delivery
  • B. Reconnaissance
  • C. Command and Control
  • D. Exploitation
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Grandslam
Highly Voted 2 years, 11 months ago
Selected Answer: A
PALO ALTO NETWORKS: PCNSA Study Guide 26: Delivery: This stage marks the transition from the attacker working outside of an organization’s network to working within an organization’s network. Malware delivered during this stage is designed to exploit existing software vulnerabilities. To deliver its initial malware, the attacker might choose to embed malicious code within seemingly innocuous PDF or Word files, or within an email message. For highly targeted attacks, an attacker might craft a deliverable related to the specific interests of an individual that might entice the individual into accessing a malicious website or opening an infected email message
upvoted 18 times
Oteslar
2 years ago
i agree with you.
upvoted 2 times
...
halifax
1 year, 8 months ago
This is very confusing! it defies all the security related training I've attended and books I've read. an attacker sending a random infected attachment via email seems to me, it is the first stage (exploration or reconnaissance).
upvoted 1 times
Ermbmx2
1 year, 8 months ago
Exploration and reconnaissance would not involve sending any infected attachments. Those first stages are used only to gather intel to determine individuals to target, possible vulnerabilities in the network, etc. This can involve looking at organizational structures/job positions, network port/vulnerability scans, etc. Those stages do not include any actual exploitation or attempted exploitation. its only to gather information to determine the best possible method for attack and successful installation or an exploitation. That is done in the delivery phase. So A is the correct answer.
upvoted 2 times
...
...
...
LordScorpius
Highly Voted 2 years, 9 months ago
When reading Security+ and other sources, the matter is clearer. "Deliver" is creating the package, not sending the package. "Exploit" is the initial attack. Thus, the answer: D Exploit
upvoted 7 times
eric11
2 years, 8 months ago
Answer is D https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
upvoted 3 times
...
Gerza27
2 years, 7 months ago
Exactly, D is correct: Exploitation: In this stage, attackers deploy an exploit against a vulnerable application or system, typically using an exploit kit or weaponized document. This allows the attack to gain an initial entry point into the organization.
upvoted 2 times
...
...
Nayak85
Most Recent 1 month ago
Selected Answer: A
A is correct
upvoted 1 times
...
MY303V8
8 months, 3 weeks ago
Is it correct to think about this in the following way: 1. The email itself is the delivery method. 2. The infected PDF is the exploit method.
upvoted 1 times
...
Snookerloopy
10 months, 4 weeks ago
Selected Answer: A
Delivery 100%
upvoted 1 times
...
Jackie26
1 year, 3 months ago
A.Delivery is the answer Weapon is transmitted to the target
upvoted 1 times
...
leeban
1 year, 5 months ago
Selected Answer: D
the answer is D. Exploitation The Delivery stage the Attackers will then determine which methods to use in order to deliver malicious payloads. such as exploit kits, spear phishing attacks with malicious links, or attachments and malvertizing. in Exploitation stage Attackers deploy an exploit against a vulnerable application or system, typically using an exploit kit or weaponized document. This is determined by the delivery method the chose in delivery stage. check this link:- https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#:~:text=Exploitation%3A%20In%20this%20stage%2C%20attackers,entry%20point%20into%20the%20organization.
upvoted 1 times
...
mlj23
1 year, 7 months ago
Answer A. But should read Weaponization and Delivery. Exploitation is once the infected pdf, doc, etc is opened and the the attack is deployed on the network. https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
upvoted 1 times
...
all_nicknames_are_taken
1 year, 9 months ago
It must be Delivery: the attacker in the question is just attaching a document to an email, therefore the email has not been yet sent at all: from what we know at this point, there might not be any exploitation phase (e.g. if the attacker does not hit "send")
upvoted 1 times
...
FahmiZnd
1 year, 11 months ago
The Answer is D, You can refer link below https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle
upvoted 1 times
...
daytonadave2011
1 year, 12 months ago
Selected Answer: A
A. When you think of the attacker attaching the exploit, it's prior to Exploitation so that could only mean Delivery.
upvoted 2 times
...
coboo
2 years, 6 months ago
Selected Answer: A
Absoluut A
upvoted 3 times
on2it
2 years, 6 months ago
correct, coboo
upvoted 1 times
...
...
javim
2 years, 6 months ago
Selected Answer: A
To deliver its initial malware, the attacker might choose to embed malicious code within seemingly innocuous PDF or Word files, or within an email message.
upvoted 3 times
...
kewokil120
2 years, 7 months ago
Selected Answer: A
A is correct
upvoted 2 times
...
Flixis
2 years, 7 months ago
Delivery, IF the question were worded: At which stage of the Cyber-Attack Lifecycle would the attacker send an email with an infected PDF file attached? Attaching an infected PDF file to an email happens @ Weaponization. PCNSA Study guide "All Weaponization activity occurs on machines away from the target." Sending the email would be at the Delivery phase.
upvoted 2 times
...
Luongchacha1
2 years, 9 months ago
I think This question is Missing a answer.
upvoted 4 times
...
error_909
2 years, 9 months ago
Selected Answer: A
Answer A is Correct
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago