Valid CPTIA Dumps shared by ExamDiscuss.com for Helping Passing CPTIA Exam! ExamDiscuss.com now offer the newest CPTIA exam dumps, the ExamDiscuss.com CPTIA exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com CPTIA dumps with Test Engine here:
Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on. What should Jim do to detect the data staging before the hackers exfiltrate from the network?
Correct Answer: C
In the scenario described, where attackers have penetrated the network and are staging data for exfiltration, Jim should focus on monitoring network traffic for signs of malicious file transfers, implement file integrity monitoring, and scrutinize event logs. This approach is crucial for detecting unusual activity that could indicate data staging, such as large volumes of data being moved to uncommon locations, sudden changes in file integrity, or suspicious entries in event logs. Early detection of these indicators can help in identifying the staging activity before the data is exfiltrated from the network.References: * NIST Special Publication 800-61 Rev. 2, "Computer Security Incident Handling Guide" * SANS Institute Reading Room, "Detecting Malicious Activity with DNS and NetFlow"