Multiple Choice
A cybersecurity analyst is investigating a potential incident affecting multiple systems on a company's internal network. Although there is a negligible impact to performance, the following symptoms are present on each of the affected systems: Existence of a new and unexpected svchost.exe process Persistent, outbound TCP/IP connections to an unknown external host with routine keep-alives transferred DNS query logs showing successful name resolution for an Internet-resident dynamic DNS domain If this situation remains unresolved, which of the following will MOST likely occur?
A) The affected hosts may participate in a coordinated DDoS attack upon command
B) An adversary may leverage the affected hosts to reconfigure the company's router ACLs
C) Key files on the affected hosts may become encrypted and require ransom payment for unlock
D) The adversary may attempt to perform a man-in-the-middle attack
Correct Answer:
Verified
Correct Answer:
Verified
Q97: Which of the following roles is ultimately
Q98: Which of the following technologies can be
Q99: The Chief Information Officer (CIO) for a
Q100: An organization is moving its infrastructure to
Q101: A security analyst is trying to determine
Q103: A security analyst discovers accounts in sensitive
Q104: Bootloader malware was recently discovered on several
Q105: During a cyber incident, which of the
Q106: Because some clients have reported unauthorized activity
Q107: A security analyst recently used Arachni to