A cybersecurity analyst is investigating a potential incident affecting multiple systems on a company's internal network. Although there is a negligible impact to performance, the following symptoms are present on each of the affected systems: Existence of a new and unexpected svchost.exe process Persistent, outbound TCP/IP connections to an unknown external host with routine keep-alives transferred DNS query logs showing successful name resolution for an Internet-resident dynamic DNS domain If this situation remains unresolved, which of the following will MOST likely occur?
A) The affected hosts may participate in a coordinated DDoS attack upon command
B) An adversary may leverage the affected hosts to reconfigure the company's router ACLs
C) Key files on the affected hosts may become encrypted and require ransom payment for unlock
D) The adversary may attempt to perform a man-in-the-middle attack
Correct Answer:
Verified
Q151: An organization was alerted to a possible
Q152: A security analyst is evaluating two vulnerability
Q153: Which of the following secure coding techniques
Q154: A company is moving from the use
Q155: The help desk provided a security analyst
Q157: A large amount of confidential data was
Q158: A security analyst is investigating a malware
Q159: A security analyst is supporting an embedded
Q160: Which of the following MOST accurately describes
Q161: A Chief Security Officer (CSO) is working
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents