Question: You are a cybersecurity analyst investigating a potential data exfiltration incident in your organization. You found the min C 2 channel was over DNS .

You are a cybersecurity analyst investigating a potential data exfiltration incident in your organization. You found the min C2 channel was over DNS. As you review the details of the incident, you come across evidence the Mitre Att&ck technique T1048- Exfiltration Over Alternative Protocol was used. You found a POST method used to send a sensitive file to a server on the Internet. Your supervisor asks you to hypothesize which of the following was used as the alternate protocol for the exfiltration:
Question 13 options:
DNS
HTTP
SNMP
RDP

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Databases Questions!

Q:

1. Which of the following principles describes how a security analyst should communicate during an incident? A. The communication should be limited to trusted parties only. B. The communication...

Q:

Question: It is a common case that institutions to collect and store the personal data of staff and students from around the world, what are the additional considerations for Personally Identifiable...

Q:

1. The business has been informed of a suspected breach of customer data. The internal audit team, in conjunction with the legal department, has begun working with the cybersecurity team to validate...

Q:

354. An organization is performing vendor selection activities for penetration testing, and a security analyst is reviewing the MOA and rules of engagement, which were supplied with proposals. Which...

Q:

BELUS THE VILLA BUSINESS PROCESS A. Core Process These are the end-to-end, cross-functional processes that directly deliver value to external clients or intermediaries. Core processes are often...

Q:

Review the scenario below. Then complete the step-by-step instructions. You are a cybersecurity analyst working for a multimedia company that offers web design services, graphic design, and social...

Q:

governance model to align changing business needs with IT While the Business Monarchy and IT Monarchy archetypes delivery. represent a centralized decision making structure, Feudal archetype reflects...

Q:

1. Describe the communication process. 2. Understand the importance of feedback in the communication process. 3. Understand various verbal and nonverbal methods of communication. 4. Understand the...

Q:

Benchmarking: An International Journal Impact of e-procurement on procurement practices and performance Gioconda Quesada Marvin E. Gonzlez James Mueller Rene Mueller Downloaded by UNIVERSITY OF...

Q:

Information Security Risk Management ITC6315 Assignment 2 Assignment For this exercise, read the provided case study about AcmeHealth, and rate the risk exposure for each finding related to the...

Q:

Determining Financial Statement Effects of Adjusting Entries Refer to AP4-2. Required: 1. Indicate whether each transaction relates to a deferred revenue, deferred expense, accrued revenue, or...

Q:

1. How much total sale revenue from the transaction is included in See Co.'s 20x1 statement of profit or loss? 2. How much total sale revenue from the transaction is included in See Co.'s 20x2...

Q:

8. How are the cost of goods manufactured, the cost of goods sold, the income statement, and the balance sheet related for a manufacturing company? What specific items flow from one statement or...

Q:

? ? ? ? ? ? ? ? ? ? ? ? ? b l a n k i n v o l v e s d e v e l o p m e n t p r o g r a m s , c o u r s e s , a n d e v e n t s t h a t a r e d e v e l o p e d a n d o r g a n i z e d b y t h e c o m p...

Q:

To appreciate the importance of symbolic capacities, imagine the following: living only in the present without memories or hopes and plans; thinking only in terms of literal reality, not what might...

Q:

What could you say to Jim to help him and his parents reach a shared perspective on his academic work?

Q:

The national Student Voices Project was created in 2000 by the Annenberg Public Policy Center. Over the years, it has been launched in multiple cities. Learn more about this project by going to the...