Question 15 (Max. score: 2.00)

With unrestricted access, the attacker initiates a complex operation to exfiltrate sensitive corporate and customer data. This operation involves sophisticated data obfuscation and encryption techniques to avoid detection by data loss prevention (DLP) systems, transferring massive amounts of data to secure offshore servers. What sophisticated technique could have thwarted this data exfiltration attempt?

  1. Implementing anomaly-based intrusion detection systems (IDS)
  2. Advanced encryption of sensitive data at rest and in transit
  3. Adoption of a zero-trust network architecture
  4. Comprehensive end-to-end monitoring and alerting of data movements


Solution

The sophisticated technique that could have thwarted this data exfiltration attempt is the adoption of a zero-trust network architecture.

Here's why:

  1. Implementing anomaly-based intrusion detection systems (IDS): While this is a good practice, it might not be enough to prevent a sophisticated attack. Anomaly-based IDS might not detect a well-planned and complex operation that uses advanced obfuscation and encryption techniques.

  2. Advanced encryption of sensitive data at rest and in transit: This is also a good practice, but it doesn't prevent data from being exfiltrated. It just makes the data useless if it's intercepted during the exfiltration process.

  3. Adoption of a zero-trust network architecture: This is the best option. A zero-trust architecture assumes that no users or systems can be trusted by default, even those already inside the network. It requires all users and systems to verify their identity and permissions before they can access resources on the network. This could have prevented the attacker from gaining unrestricted access in the first place.

  4. Comprehensive end-to-end monitoring and alerting of data movements: While this is also a good practice, it might not be enough to prevent a sophisticated attack. The attacker used advanced techniques to avoid detection by DLP systems, so they might also be able to avoid detection by monitoring and alerting systems.


Similar Questions

Which of the following behaviors may suggest an ongoing data exfiltration attack? Select two answers. (1 point)

  1. Multiple successful multi-factor authentication logins
  2. Network performance issues
  3. Outbound network traffic to an unauthorized file hosting service
  4. Unexpected modifications to files containing sensitive data

Question 16 (Max. score: 2.00)

Following the initial access, the attacker employs a sophisticated blend of techniques to escalate privileges and move laterally within the network. The goal is to infiltrate high-value systems, including the internal data storage and financial systems, leveraging both technical exploits and social engineering tactics. What advanced technique is most likely used for lateral movement in this scenario?

  1. Exploiting zero-day vulnerabilities in network protocols
  2. Pass the Hash combined with social engineering to obtain elevated credentials
  3. Utilizing a combination of spear phishing and remote code execution exploits
  4. Conducting man-in-the-middle (MitM) attacks on internal communication channels

Question 3 (Max. score: 2.00)

Which of the following attacks are averted via TLS?

  1. Eavesdropping
  2. Tampering
  3. Social engineering
  4. All the above

Question 23 (Max. score: 2.00)

Which of the following attacks involves cyber criminals exploiting vulnerabilities that are not yet known to the general public and which do not have any defenses implemented yet?

  1. Man-in-the-middle
  2. Denial of Service
  3. Phishing
  4. Zero Day

An attacker has infiltrated a network. Next, they spend time exploring it in order to expand and maintain their access. They look for valuable assets such as proprietary code and financial records. What does this scenario describe? (1 point)

  1. Phishing
  2. Large internal file transfer
  3. Lateral movement
  4. Network data
