Which of the following threats has the security analyst…

A security analyst is performing a forensic analysis on a machine that was the subject of some historic SIEM alerts. The analyst noticed some network connections utilizing SSL on non-common ports, copies of svchost.exe and cmd.exe in %TEMP% folder, and RDP files that had connected to external IPs. Which of the following threats has the security analyst uncovered?

A security analyst is performing a forensic analysis on a machine that was the subject of some historic SIEM alerts. The analyst noticed some network connections utilizing SSL on non-common ports, copies of svchost.exe and cmd.exe in %TEMP% folder, and RDP files that had connected to external IPs. Which of the following threats has the security analyst uncovered?

A.
DDoS

B.
APT

C.
Ransomware

D.
Software vulnerability

Explanation:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

aqwe22

aqwe22

I’m not sure if D is the correct answer. Why not B?

Reply