Multiple Choice
An analyst is alerted for a malicious file hash. After analysis, the analyst determined that an internal workstation is communicating over port 80 with an external server and that the file hash is associated with Duqu malware. Which tactics, techniques, and procedures align with this analysis?
A) Command and Control, Application Layer Protocol, Duqu
B) Discovery, Remote Services: SMB/Windows Admin Shares, Duqu
C) Lateral Movement, Remote Services: SMB/Windows Admin Shares, Duqu
D) Discovery, System Network Configuration Discovery, Duqu
Correct Answer:
Verified
Correct Answer:
Verified
Q9: A logistic company must use an outdated
Q10: What is a limitation of cyber security
Q11: An engineer received an alert of a
Q12: <img src="https://d2lvgg3v3hfg70.cloudfront.net/C1178/.jpg" alt=" Refer to the
Q13: Which bash command will print all lines
Q15: The incident response team receives information about
Q16: Refer to the exhibit. What is occurring
Q17: A SIEM tool fires an alert about
Q18: An employee abused PowerShell commands and script
Q19: After a recent malware incident, the forensic