Question16Max. score: 2.00Following the initial access, the attacker employs a sophisticated blend of techniques to escalate privileges and move laterally within the network. The goal is to infiltrate high-value systems, including the internal data storage and financial systems, leveraging both technical exploits and social engineering tactics. What advanced technique is most likely used for lateral movement in this scenario?Exploiting zero-day vulnerabilities in network protocolsPass the Hash combined with social engineering to obtain elevated credentialsUtilizing a combination of spear phishing and remote code execution exploitsConducting man-in-the-middle (MitM) attacks on internal communication channels
Question
Question16Max. score: 2.00Following the initial access, the attacker employs a sophisticated blend of techniques to escalate privileges and move laterally within the network. The goal is to infiltrate high-value systems, including the internal data storage and financial systems, leveraging both technical exploits and social engineering tactics. What advanced technique is most likely used for lateral movement in this scenario?Exploiting zero-day vulnerabilities in network protocolsPass the Hash combined with social engineering to obtain elevated credentialsUtilizing a combination of spear phishing and remote code execution exploitsConducting man-in-the-middle (MitM) attacks on internal communication channels
Solution
The advanced technique most likely used for lateral movement in this scenario is "Pass the Hash combined with social engineering to obtain elevated credentials". This method involves stealing password hashes and using them to authenticate as the user, bypassing the need for the actual password. Combined with social engineering, this can be a very effective method for gaining unauthorized access to high-value systems.
Similar Questions
An attacker has infiltrated a network. Next, they spend time exploring it in order to expand and maintain their access. They look for valuable assets such as proprietary code and financial records. What does this scenario describe?1 分PhishingLarge internal file transferLateral movementNetwork data
Question15Max. score: 2.00With unrestricted access, the attacker initiates a complex operation to exfiltrate sensitive corporate and customer data. This operation involves sophisticated data obfuscation and encryption techniques to avoid detection by data loss prevention (DLP) systems, transferring massive amounts of data to secure offshore servers. What sophisticated technique could have thwarted this data exfiltration attempt?Implementing anomaly-based intrusion detection systems (IDS)Advanced encryption of sensitive data at rest and in transitAdoption of a zero-trust network architectureComprehensive end-to-end monitoring and alerting of data movements
A social engineering technique in which attackers pose legitimate requests in order to gain access to confidential information is known as:Select one:Shoulder surfingPrivilege escalationPhishingBackdoor access
Which of the following is a common social engineering technique? Spear phishing Spoofing Denial of Service (DoS) attacks Malware attacks
Identify the list of computer-based social engineering techniques used by an attacker to trick a victim into disclosing personal information?Phishing and scarewareShoulder surfing and tailgatingEavesdropping and vishingDumpster diving and piggybacking
Upgrade your grade with Knowee
Get personalized homework help. Review tough concepts in more detail, or go deeper into your topic by exploring other relevant questions.