CompTIA Exam CS0-003 Topic 3 Question 6 Discussion

Actual exam question for CompTIA's CS0-003 exam

Question #: 6
Topic #: 3

After completing a review of network activity. the threat hunting team discovers a device on the network that sends an outbound email via a mail client to a non-company email address daily

at 10:00 p.m. Which of the following is potentially occurring?

AIrregular peer-to-peer communication

BRogue device on the network

CAbnormal OS process behavior

DData exfiltration

Show Suggested Answer

Suggested Answer: D

Data exfiltration is the theft or unauthorized transfer or movement of data from a device or network. It can occur as part of an automated attack or manually, on-site or through an internet connection, and involve various methods. It can affect personal or corporate data, such as sensitive or confidential information.Data exfiltration can be prevented or detected by using compression, encryption, authentication, authorization, and other controls1

The network activity shows that a device on the network is sending an outbound email via a mail client to a non-company email address daily at 10:00 p.m. This could indicate that the device is compromised by malware or an insider threat, and that the email is used to exfiltrate data from the network to an external party. The email could contain attachments, links, or hidden data that contain the stolen information. The timing of the email could be designed to avoid detection by normal network monitoring or security systems.

by Tawna at Jul 24, 2023, 07:10 PM

Limited Time Offer

25%

Off

Get Premium CS0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!