Exam SY0-601 topic 1 question 827 discussion

I dont see how malicious flash drive is part of the comptia syllabus. And RAT is.

Answer is RAT.

Looks more like a RAT

B. A RAT

RATs are characterized as not causing noticeable changes to the system

RAT. I cannot find Comptia docs discussing anything about a RAT ever slowing down a system, and it emphasizes more about how RATs can hide or be legitimate software. Further, a RAT would allow access outside standard logins, so failed auth would not show up in logs. -- Nothing in the question ever implies a flash drive is involved at all, and a malicious flash drive could definitely do some real damage in terms of system performance.

Answer is RAT.

A. Malicious flash drive Given that there is no degraded performance on the infected machines and no evidence of excessive failed logins in the log files, a likely scenario is that the malware infection occurred via a malicious flash drive. This form of attack involves spreading malware by infecting external storage devices (such as USB flash drives) and then transferring the malware to computers when those devices are connected.

Since it's possible RATs can (I know not always but can) slow down a computer, and they mentioned that, I'm going to disregard it and choose A. USB Flash Drive.

B. Remote Access Trojan (RAT) Several users’ computers were infected with malware after viewing files that were shared with them I'm assuming the infected files were shared digitally through an email to multiple users at once, and not physically through a flash drive shared with users one at a time or via multiple infected flash drives given to a group of people at once

While it’s true that some Remote Access Trojans (RATs) can slow down a system’s performance, it’s not always the case. The impact on system performance can vary greatly depending on the specific RAT and what it’s programmed to do. Some RATs are designed to be lightweight and stealthy, to avoid detection and maintain long-term access to the infected system. These types of RATs may not noticeably impact system performance. On the other hand, if a RAT is being used to carry out resource-intensive tasks (like cryptocurrency mining or launching DDoS attacks), then you might see a significant slowdown

I'm going with: B The questions does not specifically mention the file was shared via a flash drive. It could have been shared through a link, sent by email, shared folder, etc.

A. Malicious flash drive "were infected with malware after viewing files that were shared with them" RAT is not the best answer for that. Malicious flash drive is better.

A. Malicious flash drive In the given scenario, the most likely cause of malware infection on users' computers after viewing shared files is a malicious flash drive. Malicious actors may distribute malware using infected USB flash drives or other removable media. Users unknowingly connect the flash drive to their computers, leading to the unintentional installation of malware. The absence of degraded performance and the lack of excessive failed logins suggest that the malware was introduced through a method other than brute-forcing passwords or deploying a remote access Trojan (RAT). Cryptojacking, on the other hand, typically involves unauthorized cryptocurrency mining, and it doesn't align with the symptoms described in the scenario.

A. Malicious Flash drive as RATs slow down the system

B is the correct answer as listed. RAT can be installed without users knowledge by clicking on links.

A remote access trojan (RAT) - are typically downloaded together with a seemingly legitimate program, like a game, or are sent to the target as an email attachment. RATs can allow attackers to remotely control the infected machines, access files, and bypass security measures without causing noticeable performance issues or failed logins.