Which type of attack is characterized by using existing system capabilities to pursue an attacker's agenda without malware?

The choice indicating a Living-Off-the-Land Non-malware Attack is correct because this type of attack leverages existing tools and capabilities already present in the system to execute malicious actions. Attackers utilize legitimate system processes, scripts, and built-in functions to conduct their operations, avoiding traditional malware methods which might trigger detection systems. This not only minimizes the chances of detection but also makes the attack appear as normal system activity.

For example, an attacker might use PowerShell on Windows systems, a legitimate administrative tool, to perform actions that could lead to data exfiltration or system compromise without introducing any new or malicious code into the environment.

In contrast, the other types of attacks mentioned have different characteristics. A Logic Bomb Attack typically refers to malicious code designed to trigger under specific conditions and usually involves the execution of malware. A Phishing Attack involves deceiving individuals to gain sensitive information through fraudulent communications, typically relying on social engineering rather than system capabilities. An SQL Injection Attack actively exploits vulnerabilities in database queries, which directly alters the normal function of software through malicious input rather than leveraging native system functions.

These distinctions underline the unique nature of Living-Off-the-Land Non-malware Attacks, focusing on using existing resources to achieve illicit objectives while remaining undetected.