When viewing the capture in a packet analyzer, the analyst sees the following:

CS0-002 V2

Last Post by Brain 1 year ago

1 Posts

1 Users

0 Likes

138 Views

RSS

Brain

(@rippebrain)

Posts: 721

Noble Member

Topic starter

A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised.

When viewing the capture in a packet analyzer, the analyst sees the following:

Which of the following can the analyst conclude?

A . Malware is attempting to beacon to 128.50.100.3.
B. The system is running a DoS attack against ajgidwle.com.
C. The system is scanning ajgidwle.com for PII.
D. Data is being exfiltrated over DNS.

Show Answer Hide Answer

Suggested Answer: D

Posted : 11/11/2022 6:49 am

Topic Tags

CompTIA CySA+

Latest CS0-002 V2 Dumps Valid Version

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download PDF

Forum Jump:

Previous Topic

Next Topic