Multiple Choice
A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities: APT X's approach to a target would be sending a phishing email to the target after conducting active and passive reconnaissance. Upon successful compromise, APT X conducts internal reconnaissance and attempts to move laterally by utilizing existing resources. When APT X finds data that aligns to its objectives, it stages and then exfiltrates data sets in sizes that can range from 1GB to 5GB. APT X also establishes several backdoors to maintain a C2 presence in the environment. In which of the following phases in this APT MOST likely to leave discoverable artifacts?
A) Data collection/exfiltration
B) Defensive evasion
C) Lateral movement
D) Reconnaissance
Correct Answer:
Verified
Correct Answer:
Verified
Q77: An information security analyst is compiling data
Q78: A company was recently awarded several large
Q79: During an investigation, a security analyst determines
Q80: A developer wrote a script to make
Q81: Clients are unable to access a company's
Q83: An organization was alerted to a possible
Q84: A security analyst received a SIEM alert
Q85: A company's Chief Information Security Officer (CISO)
Q86: A cybersecurity analyst is responding to an
Q87: An analyst wants to identify hosts that