Valid CPTIA Dumps shared by ExamDiscuss.com for Helping Passing CPTIA Exam! ExamDiscuss.com now offer the newest CPTIA exam dumps, the ExamDiscuss.com CPTIA exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CPTIA dumps with Test Engine here:
Access CPTIA Dumps Premium Version
(137 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 2/63
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on.
What should Jim do to detect the data staging before the hackers exfiltrate from the network?
What should Jim do to detect the data staging before the hackers exfiltrate from the network?
Correct Answer: C
In the scenario described, where attackers have penetrated the network and are staging data for exfiltration, Jim should focus on monitoring network traffic for signs of malicious file transfers, implement file integrity monitoring, and scrutinize event logs. This approach is crucial for detecting unusual activity that could indicate data staging, such as large volumes of data being moved to uncommon locations, sudden changes in file integrity, or suspicious entries in event logs. Early detection of these indicators can help in identifying the staging activity before the data is exfiltrated from the network.References:
* NIST Special Publication 800-61 Rev. 2, "Computer Security Incident Handling Guide"
* SANS Institute Reading Room, "Detecting Malicious Activity with DNS and NetFlow"
* NIST Special Publication 800-61 Rev. 2, "Computer Security Incident Handling Guide"
* SANS Institute Reading Room, "Detecting Malicious Activity with DNS and NetFlow"
- Question List (63q)
- Question 1: Sam received an alert through an email monitoring tool indic...
- Question 2: Jim works as a security analyst in a large multinational com...
- Question 3: Which of the following GPG18 and Forensic readiness planning...
- Question 4: Which of the following is a term that describes the combinat...
- Question 5: James is working as an incident responder at CyberSol Inc. T...
- Question 6: Eric is an incident responder and is working on developing i...
- Question 7: Kim, an analyst, is looking for an intelligence-sharing plat...
- Question 8: During the process of threat intelligence analysis, John, a ...
- Question 9: Michael, a threat analyst, works in an organization named Te...
- Question 10: Which of the following options describes common characterist...
- Question 11: Francis is an incident handler and security expert. He works...
- Question 12: Alice, a threat intelligence analyst at HiTech Cyber Solutio...
- Question 13: An analyst is conducting threat intelligence analysis in a c...
- Question 14: Which of the following components refers to a node in the ne...
- Question 15: If a hacker cannot find any other way to attack an organizat...
- Question 16: Which of the following is not a countermeasure to eradicate ...
- Question 17: In which of the following forms of bulk data collection are ...
- Question 18: Moses, a threat intelligence analyst at InfoTec Inc., wants ...
- Question 19: Which of the following port scanning techniques involves res...
- Question 20: XYZ Inc. was affected by a malware attack and James, being t...
- Question 21: James is a professional hacker and is employed by an organiz...
- Question 22: An XYZ organization hired Mr. Andrews, a threat analyst. In ...
- Question 23: Employee monitoring tools are mostly used by employers to fi...
- Question 24: In which of the following storage architecture is the data s...
- Question 25: Racheal is an incident handler working in InceptionTech orga...
- Question 26: Rinni is an incident handler and she is performing memory du...
- Question 27: Alice, an analyst, shared information with security operatio...
- Question 28: The following steps describe the key activities in forensic ...
- Question 29: Identify Sarbanes-Oxley Act (SOX) Title, which consists of o...
- Question 30: Tracy works as a CISO in a large multinational company. She ...
- Question 31: Your company sells SaaS, and your company itself is hosted i...
- Question 32: Jame, a professional hacker, is trying to hack the confident...
- Question 33: Daniel is a professional hacker whose aim is to attack a sys...
- Question 34: H&P, Inc. is a small-scale organization that has decided...
- Question 35: Allan performed a reconnaissance attack on his corporate net...
- Question 36: A colleague wants to minimize their security responsibility ...
- Question 37: Alice is a disgruntled employee. She decided to acquire crit...
- Question 38: An attacker instructs bots to use camouflage mechanism to hi...
- Question 39: Walter and Sons Company has faced major cyber attacks and lo...
- Question 40: Darwin is an attacker residing within the organization and i...
- Question 41: A US Federal Agency network was the target of a DoS attack t...
- Question 42: An attack on a network is BEST blocked using which of the fo...
- Question 43: ABC is a well-established cyber-security company in the Unit...
- Question 44: Which of the following is a standard framework that provides...
- Question 45: Alexis works as an incident responder at XYZ organization. S...
- Question 46: Andrews and Sons Corp. has decided to share threat informati...
- Question 47: Eric works as a system administrator at ABC organization and...
- Question 48: Jason is an incident handler dealing with malware incidents....
- Question 49: Mr. Bob, a threat analyst, is performing analysis of competi...
- Question 50: Kathy wants to ensure that she shares threat intelligence co...
- Question 51: Alexis is working as an incident responder in XYZ organizati...
- Question 52: Johnson an incident handler is working on a recent web appli...
- Question 53: Drake is an incident handler in Dark CLoud Inc. He is intend...
- Question 54: In which of the following phases of the incident handling an...
- Question 55: SecurityTech Inc. is developing a TI plan where it can drive...
- Question 56: A threat analyst wants to incorporate a requirement in the t...
- Question 57: Robert is an incident handler working for Xsecurity Inc. One...
- Question 58: In which of the following attacks does the attacker exploit ...
- Question 59: What is the correct sequence of steps involved in scheduling...
- Question 60: A threat analyst obtains an intelligence related to a threat...
- Question 61: Which of the following types of digital evidence is temporar...
- Question 62: Which of the following characteristics of APT refers to nume...
- Question 63: Sarah is a security operations center (SOC) analyst working ...
