Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam CAS-004 Topic 3 Question 71 Discussion

Actual exam question for CompTIA's CAS-004 exam
Question #: 71
Topic #: 3
[All CAS-004 Questions]

A technician is reviewing the logs and notices a large number of files were transferred to remote sites over the course of three months. This activity then stopped. The files were transferred via TLS-protected HTTP sessions from systems that do not send traffic to those sites.

The technician will define this threat as:

Show Suggested Answer Hide Answer
Suggested Answer: B

File hashing is used to create a digital fingerprint of files to detect unauthorized changes. By comparing the hash values before and after analysis, the integrity of the files can be validated. This aligns with CASP+ objective 5.2, which includes forensic evidence integrity and validation methods.


by Claudio at Mar 09, 2025, 11:03 AM

Limited Time Offer

25%

Off

Get Premium CAS-004 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Diego
2 months ago
An on-path attack? Really? With TLS-protected sessions? This guy must be living in the 90s or something. APT all the way!
upvoted 0 times
Delmy
1 months ago
User 3: Agreed, the on-path attack doesn't make sense with TLS-protected sessions.
upvoted 0 times
...
Daniel
1 months ago
User 2: Definitely an advanced persistent threat.
upvoted 0 times
...
Ryan
1 months ago
User 3: Agreed, the on-path attack doesn't make sense with TLS-protected sessions.
upvoted 0 times
...
Marti
1 months ago
User 2: Definitely an advanced persistent threat.
upvoted 0 times
...
Alfred
2 months ago
User 1: APT all the way!
upvoted 0 times
...
Carlee
2 months ago
User 1: APT all the way!
upvoted 0 times
...
...
Graham
3 months ago
Ha! This is no zero-day. The attacker is clearly using well-known techniques to fly under the radar. Probably a disgruntled employee or state-sponsored hacker.
upvoted 0 times
Milly
2 months ago
C: Agreed, it seems like a well-planned advanced persistent threat.
upvoted 0 times
...
Kendra
2 months ago
B: Definitely not a zero-day attack.
upvoted 0 times
...
Cassie
2 months ago
A: C) an advanced persistent threat.
upvoted 0 times
...
...
Narcisa
3 months ago
Definitely an APT. Those remote sites are probably part of the attacker's command-and-control infrastructure. Sneaky stuff!
upvoted 0 times
Whitney
2 months ago
Let's make sure to strengthen our security measures to prevent future attacks.
upvoted 0 times
...
Dorthy
2 months ago
We should investigate further to determine the extent of the threat.
upvoted 0 times
...
Cora
2 months ago
I agree, the behavior of transferring files to remote sites is suspicious.
upvoted 0 times
...
Mel
2 months ago
Yes, it does sound like an advanced persistent threat.
upvoted 0 times
...
...
Chi
3 months ago
I'm not sure it's an APT. The question doesn't mention any specific vulnerability or attack technique. It could just be a broader data exfiltration incident.
upvoted 0 times
Mary
2 months ago
Yeah, it doesn't seem to fit the APT description.
upvoted 0 times
...
Lavonne
3 months ago
I think it's more of a data exfiltration incident.
upvoted 0 times
...
...
Jospeh
3 months ago
This sounds like a classic advanced persistent threat (APT) to me. The long duration, targeted file transfers, and use of encrypted channels are all hallmarks of an APT.
upvoted 0 times
Carlee
2 months ago
D: Yeah, the use of encrypted channels for the transfers is a clear sign of an APT.
upvoted 0 times
...
Lavera
3 months ago
C: I think it's more likely to be an APT given the targeted nature of the file transfers.
upvoted 0 times
...
Jesusita
3 months ago
B: Could it possibly be a zero-day attack instead?
upvoted 0 times
...
Lakeesha
3 months ago
A: I agree, this definitely sounds like an advanced persistent threat.
upvoted 0 times
...
...
Lettie
3 months ago
I'm not sure, but it could also be a zero-day attack since it seems like a new and unknown threat.
upvoted 0 times
...
Kimbery
3 months ago
I agree with Latrice, the activity over three months and then suddenly stopping seems like an advanced persistent threat.
upvoted 0 times
...
Latrice
4 months ago
I think the threat is an advanced persistent threat.
upvoted 0 times
...

Save Cancel