Exam CAS-004 topic 1 question 14 discussion

Actual exam question from CompTIA's CAS-004
Question #: 14
Topic #: 1

A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped.
The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.
The technician will define this threat as:

  • A. a decrypting RSA using obsolete and weakened encryption attack.
  • B. a zero-day attack.
  • C. an advanced persistent threat.
  • D. an on-path attack.
Suggested Answer: C

Comments

CKRET
Highly Voted 3 years, 2 months ago
C. An advanced persistent threat. This question doesn't describe a DROWN, Zero-Day or on-path attack. The malicious actor was persistent over time (three months) and exfiltrated the data it needed. Then stopped once its objective was met.
upvoted 11 times
...
RevZig67
Highly Voted 2 years, 11 months ago
Selected Answer: C
APT fits the description
upvoted 6 times
...
blacksheep6r
Most Recent 2 months, 4 weeks ago
Selected Answer: C
Answer is C) an advanced persistent threat (APT). ✅
Explanation: An Advanced Persistent Threat (APT) is a prolonged and stealthy cyberattack where an attacker gains unauthorized access to a network and remains undetected for an extended period. In this case:
  • Files were transferred over months, suggesting a persistent and stealthy exfiltration of data.
  • The attacker used TLS-protected HTTP sessions, meaning they likely took steps to hide their activity and avoid detection.
  • The activity stopped suddenly, which is characteristic of an APT either completing its objective or switching tactics to avoid detection.
APTs are sneaky and patient, often operating undetected for months or even years. They carefully extract data while avoiding detection, making them one of the most dangerous cyber threats.
upvoted 1 times
...
BiteSize
7 months, 1 week ago
Selected Answer: C
APT
Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
upvoted 4 times
...
Delab202
7 months, 1 week ago
Selected Answer: C
The threat described, where a large number of files were transferred to remote sites via TLS-protected HTTP sessions from systems that do not usually send traffic to those sites, is commonly indicative of: C. An advanced persistent threat (APT).
upvoted 3 times
...
23169fd
7 months, 1 week ago
Selected Answer: C
The key characteristics of an APT that align with the scenario described are:
  • Prolonged activity: The large number of files were transferred over three months.
  • Stealthy operation: The activity was detected after the fact, indicating the attackers were able to operate without immediate detection.
  • Unexpected sources: The systems involved in the transfer do not typically send traffic to those remote sites, indicating unusual and targeted behavi
upvoted 3 times
...
FOURDUE
2 years, 3 months ago
Selected Answer: C
The malicious actor was persistent over time (three months) and exfiltrated the data it needed. Then stopped once the objective was met.
upvoted 6 times
...
twirlerrose
3 years, 1 month ago
C. I might lean towards A if it said SSL, but TLS is the successor to SSL...
upvoted 2 times
...
BlackdaRipper
3 years, 2 months ago
C - Advanced Persistent Threat
upvoted 4 times
...
zapato
3 years, 2 months ago
Selected Answer: C
I agree with CKRET's analysis. C seems to be correct.
upvoted 3 times
...