Solved

An Analyst Is Alerted for a Malicious File Hash

Question 106

Multiple Choice

An analyst is alerted for a malicious file hash. After analysis, the analyst determined that an internal workstation is communicating over port 80 with an external server and that the file hash is associated with Duqu malware. Which tactics, techniques, and procedures align with this analysis?


A) Command and Control, Application Layer Protocol, Duqu
B) Discovery, Remote Services: SMB/Windows Admin Shares, Duqu
C) Lateral Movement, Remote Services: SMB/Windows Admin Shares, Duqu
D) Discovery, System Network Configuration Discovery, Duqu

Correct Answer:

verifed

Verified

Unlock this answer now
Get Access to more Verified Answers free of charge

Related Questions

Q96: Refer to the</p></div><svg width=

Q97: How does Wireshark decrypt TLS network traffic?
A)

Q98: A patient views information that is not

Q99: Refer to the exhibit. Which command was

Q100: Refer to the</p></div><svg width=

Q101: An employee who often travels abroad logs

Q102: Refer to the</p></div><svg width=

Q103: Refer to the</p></div><svg width=

Q104: Refer to the exhibit. For IP 192.168.1.209,

Q105: Refer to the</p></div><svg width=

Unlock this Answer For Free Now!

View this answer and more for free by performing one of the following actions

qr-code

Scan the QR code to install the App and get 2 free unlocks

upload documents

Unlock quizzes for free by uploading documents