ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-001 All Questions

View all questions & answers for the CS0-001 exam
Go to Exam

Exam CS0-001 topic 1 question 71 discussion

Actual exam question from CompTIA's CS0-001
Question #: 71
Topic #: 1
[All CS0-001 Questions]

A security analyst is performing a forensic analysis on a machine that was the subject of some historic SIEM alerts. The analyst noticed some network connections utilizing SSL on non-common ports, copies of svchost.exe and cmd.exe in %TEMP% folder, and RDP files that had connected to external IPs. Which of the following threats has the security analyst uncovered?

  • A. DDoS
  • B. APT
  • C. Ransomware
  • D. Software vulnerability
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Samus_7 at Aug. 7, 2019, 10:29 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
slcc99
Highly Voted 5 years, 1 month ago
This question was in the exam :)
upvoted 8 times
...
moe1985
Highly Voted 5 years, 3 months ago
B. APT right answer
upvoted 6 times
...
Jeend
Most Recent 2 years, 4 months ago
Control and Command -copies of svchost.exe and cmd.exe in %TEMP% folder, and RDP files that had connected to external IPs. APT
upvoted 1 times
...
Acrisius
4 years, 5 months ago
Answer B - APT. Similar Q on 002
upvoted 2 times
...
maps7
5 years ago
APT is the answer.
upvoted 1 times
...
cyber_now
5 years, 2 months ago
Those are all software vulnerabilities, however especially "RDP files that had connected to external IPs" definitely shows that APT involved and this is an attack.
upvoted 1 times
...
T_rev93
5 years, 2 months ago
APTs are usually the right answer when an exam has them as an option.
upvoted 1 times
...
s3curity
5 years, 5 months ago
yeah Its B
upvoted 4 times
...
Samus_7
5 years, 9 months ago
B. APT should not be that Advanced guys doing such tricks > ? not sure about SW issue.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago