Exam CS0-001 topic 1 question 110 discussion

Actual exam question from CompTIA's CS0-001
Question #: 110
Topic #: 1

A production web server is experiencing performance issues. Upon investigation, new unauthorized applications have been installed and suspicious traffic was sent through an unused port. Endpoint security is not detecting any malware or virus. Which of the following types of threats would this MOST likely be classified as?

  • A. Advanced persistent threat
  • B. Buffer overflow vulnerability
  • C. Zero day
  • D. Botnet
Suggested Answer: A

Comments

Kuku55
4 years, 2 months ago
Guys please search the meaning again. APT: stealthy threat actor, which gains unauthorized access to a computer network and remains undetected for an extended period, they are persistent/only attack one org at a time. But an opportunistic attack can still install new software to endpoints, right? Even a penetration tester can do that, even I and you can do that, c'mon. That is needed in the post-exploitation phase. 0 day: a vuln even the vendors don't know about, that is why it's a zero day, you will start counting from that day it is discovered, that is the reason why it is not detected by endpoint security. Please don't answer or base your judgement just because it asks for Threat and T from APT is Threat lol, that's hilarious.
upvoted 1 times
IWantCarX
2 years, 2 months ago
bro, threats use vulnerabilities, it's asking for the threat, so APT, stop teaching people when u don't know what you're saying
upvoted 1 times
[Removed]
4 years, 7 months ago
APT is correct
upvoted 3 times
RazaG
4 years, 7 months ago
The key in this question is "installation of new applications" which APT can do.
upvoted 4 times
Takondwa
4 years, 8 months ago
I think it is zero day; APT normally runs for a long period without being identified
upvoted 2 times
TheThreatGuy
4 years, 10 months ago
I disagree here... An APT is typically described as an attack over time from foreign soil... which is possible here, but I think the MOST likely would be Zero Day based on the evidence given... Change my mind.
upvoted 1 times
Rowlandmarc
4 years, 10 months ago
Zero Days are vulns that have not yet been mitigated. Question asks for Threat which would suit APT most :) Additionally it mentions the use of new software etc which would signify APT as Zero Days aren't installations of apps.
upvoted 5 times
s3curity1
4 years, 10 months ago
I agree. Leaning on APT for this one.
upvoted 8 times
Community vote distribution: A (35%), C (25%), B (20%), Other