A technician recently updated a printer driver on all the computers in an office. Shortly after the update, several users' accounts and passwords were compromised. Which of the following MOST likely explains the compromised accounts?
Bad question and answers to the question. What it may mean is all the computers received a Trojan Horse from downloading the driver update. The computers then became a botnet and credentials were sent out.
Why would a botnet compromise accounts and passwords? Keylogger is the only thing that has that capability, and was most likely installed in a fake driver that contained a trojan.
"which explains the compromissed account?" refers to the current state of the accounts, I go for A. It doesn't ask what happened to the accounts. But I agree that the question could be asked in a better way. Because I have to assume they are part of a network, there is nothing mentioned about it.
What an awful question and answer options. If the driver contains a trojan then there are various possible ways to compromise data. Trojan should be the correct answer but...
With CompTIA questioning style I would expect them to reference high outbound network traffic if the correct answer was botnet (as they do in another question) therefore I will say keylogger. Another reason I believe keylogger to be correct is that this attack is stealing credentials (the primary purpose of a keylogger) while the primary purpose of a botnet is siphoning computing resources usually to create DDoS attacks or other illicit purposes (such as additional resources for cracking or bitcoin mining).
Updated a printer driver on "ALL" the computers
"SEVERAL" users's accounts and passwords were compromised
If it is botnet, should be all user's accounts and passwords were compromised instead several?
I go for keylogger
Right and the antivirus definitions not being updated led to the supposed trojan horse with the possibility of a keylogger, which we don't even know if thats what really happened (keylogging). I will go with the antivirus, because it would prevent any of this, except for a zero-day attack, which is not a given possibility.
It asks what explains the situation, not what kind of potential attack occurred. Follow CompTIA's bullshit logic pertaining to other questions, and you can see what is going on here.
One thing we know for sure, this horse shit website is wrong again, as usual
This question is tricky. However, since keylogger needs users to type in in order for it to capture information, and in this case the username/passwords were compromised shortly after the update, and its not known if all users started using or typing in that soon. On the other hand, botnets are sometimes responsible for username/password compromise, so I think it is the possible answer.
If you download a "driver" from third-party sites, you may actually be downloading a trojan. If a keylogger were installed along with the supposed drivers, all it takes is a screen unlock to enter credentials and capture them with the keylogger.
upvoted 6 times
...
...
This section is not available anymore. Please use the main Exam Page.220-1002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
YettiSpider
Highly Voted 4 years, 7 months agoYettiSpider
Highly Voted 4 years, 7 months agomoneymoney1995
Most Recent 2 years, 8 months agoGhaeicSD
2 years, 8 months agoBeffJezosReeeee
2 years, 10 months agontungala
2 years, 11 months agoiLikeBeagButt
3 years agopast94
3 years, 2 months agoMindyTeflon
3 years, 8 months agodnbly
4 years, 1 month agoCatchARide
4 years, 1 month agojohnsonsteel
3 years, 11 months agoJasonSignupHappy
4 years, 3 months agonischal123
4 years, 6 months agoYouKownNothingJonSnow
4 years, 4 months ago