Performing a Watering Hole Attack
Assessment Questions 10 points 1. Describe in one sentence of the use of social engineering as a part of an attack.
2. Describe in one sentence why is social engineering a valuable tool for an attacker?
3. Write the description of the human vulnerability does the watering hole attack exploits.
4. How can a watering hole attack help circumvent strict access policies in a primary target organization? 5. When using an HTA exploit to establish a reverse shell, describe in one sentence which action must the victim do to execute the attack?
6. How does a reverse shell connection allow an attacker to gain access to the target system?
7. Write the name of the tool that provides an attacker with commands for interacting with the remote system that has been compromised.
8. Write the name of the Meterpreter command which allows the attacker to hide its resource usage by switching the process being used to perform the malicious activity?
9. What is the primary goal during the infiltration stage of establishing an advanced persistent threat?
10. Describe the action that is important for maintaining a stealthy presence on a target machine that has been breached using Meterpreter.
