Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive dat a. They collected all sorts of sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information and so on. What should Jim do to detect the data staging before the hackers exfiltrate from the network?
A.
Jim should identify the attack at an initial stage by checking the content of the user agent field.
B.
Jim should analyze malicious DNS requests, DNS payload, unspecified domains, and destination of DNS requests.
C.
Jim should monitor network traffic for malicious file transfers, file integrity monitoring, and event logs.
D.
Jim should identify the web shell running in the network by analyzing server access, error logs, suspicious strings indicating encoding, user agent strings, and so on.
Answer:
C
User Votes:
A
50%
B
50%
C 1 votes
50%
D
50%
Discussions
0/ 1000
darave
4 months, 3 weeks ago
Correct answer C
Want to join our community?
Please log in or signup in order to use this feature
Correct answer C