CompTIA CS0-003 Exam - Topic 3 Question 6 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 6
Topic #: 3

After completing a review of network activity, the threat hunting team discovers a device on the network that sends an outbound email via a mail client to a non-company email address daily at 10:00 p.m. Which of the following is potentially occurring?

Suggested Answer: D

Data exfiltration is the theft or unauthorized transfer or movement of data from a device or network. It can occur as part of an automated attack or manually, on-site or through an internet connection, and can involve various methods. It can affect personal or corporate data, such as sensitive or confidential information. Data exfiltration can be prevented or detected by using compression, encryption, authentication, authorization, and other controls.

The network activity shows that a device on the network is sending an outbound email via a mail client to a non-company email address daily at 10:00 p.m. This could indicate that the device is compromised by malware or an insider threat, and that the email is used to exfiltrate data from the network to an external party. The email could contain attachments, links, or hidden data that contain the stolen information. The timing of the email could be designed to avoid detection by normal network monitoring or security systems.
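One way to hunt for the pattern described above, as an added example that is not part of the original page: group outbound mail by sending host and external recipient, then flag pairs that send at the same time of day on several distinct days. The log format, host names, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records (timestamp, sending host, recipient); not real log data.
SAMPLE_LOG = """\
2024-03-04T22:00:12 ws-114 drop.box77@example.net
2024-03-04T09:14:50 ws-114 alice@corp.example
2024-03-05T22:00:09 ws-114 drop.box77@example.net
2024-03-05T13:41:02 ws-207 vendor@example.org
2024-03-06T22:00:15 ws-114 drop.box77@example.net
2024-03-07T22:00:11 ws-114 drop.box77@example.net
2024-03-07T16:05:33 ws-207 vendor@example.org
2024-03-08T22:00:10 ws-114 drop.box77@example.net
2024-03-08T08:20:00 ws-207 vendor@example.org
"""

def parse(log_text):
    """Yield (datetime, host, recipient) from whitespace-separated lines."""
    for line in log_text.splitlines():
        if line.strip():
            ts, host, rcpt = line.split()
            yield datetime.fromisoformat(ts), host, rcpt.lower()

def find_scheduled_external_mail(log_text, company_domain, min_days=5, tolerance_min=5):
    """Return (host, recipient, 'HH:MM') for external mail sent at one time of day on >= min_days days."""
    sends = defaultdict(list)
    for ts, host, rcpt in parse(log_text):
        if rcpt.rsplit("@", 1)[-1] != company_domain:  # keep non-company recipients only
            sends[(host, rcpt)].append(ts)
    findings = []
    for (host, rcpt), stamps in sorted(sends.items()):
        if len({ts.date() for ts in stamps}) < min_days:
            continue  # too few distinct days to call it a schedule
        minutes = [ts.hour * 60 + ts.minute for ts in stamps]
        ref = minutes[0]
        # Signed offset from the first send on a 24-hour circle, so 23:58 and 00:02 count as close.
        dev = [((m - ref + 720) % 1440) - 720 for m in minutes]
        if max(dev) - min(dev) <= tolerance_min:
            findings.append((host, rcpt, f"{ref // 60:02d}:{ref % 60:02d}"))
    return findings

if __name__ == "__main__":
    for finding in find_scheduled_external_mail(SAMPLE_LOG, "corp.example"):
        print(finding)
```

A pair is flagged only when every send to that recipient falls inside the tolerance window, so a host that also mails the same address at other times would need the window check applied per cluster instead.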


Contribute your Thoughts:

Almeta
3 months ago
I disagree, it might just be a scheduled backup or something.
upvoted 0 times
...
Launa
3 months ago
Wait, why is it sending emails at 10 p.m.? That's suspicious.
upvoted 0 times
...
Ettie
4 months ago
Could be abnormal OS process behavior too.
upvoted 0 times
...
Steffanie
4 months ago
Definitely a rogue device!
upvoted 0 times
...
Xuan
4 months ago
Sounds like data exfiltration to me.
upvoted 0 times
...
Tresa
4 months ago
I thought irregular peer-to-peer communication was more about direct connections between devices, but this email behavior seems off too. I'm torn between a few options here.
upvoted 0 times
...
Ruth
4 months ago
This reminds me of a practice question we did about rogue devices. If it's sending emails daily, it could definitely be a rogue device on the network.
upvoted 0 times
...
Tawny
5 months ago
I'm not entirely sure, but the timing of the emails at 10:00 p.m. feels suspicious. Could it be related to abnormal OS process behavior?
upvoted 0 times
...
Barney
5 months ago
I remember discussing data exfiltration in class, and this seems like a classic case of that, especially with the emails going to a non-company address.
upvoted 0 times
...
Sherly
5 months ago
Ah, I see what's going on now. The vSphere Client is the way to go for managing vSphere certificates. Option B is the correct answer.
upvoted 0 times
...
Cecily
5 months ago
Okay, the question is asking for a "formal description of a system" and a "detailed plan of the system at component level". That sounds like it's referring to an Artifact or a Deliverable, so I'll carefully consider those two options.
upvoted 0 times
...
Sylvie
5 months ago
I'm pretty confident on this one. The MLAG peer address is the IP address of the other switch in the MLAG pair. It's used for synchronization and coordination between the two switches.
upvoted 0 times
...
Hobert
5 months ago
I’m a bit confused about the bond option. Can someone remind me how that fits into money laundering with insurance?
upvoted 0 times
...
Jennifer
5 months ago
I've got a good feeling about option B. The 2-minute frequency for Provisioned IOPS volumes sounds right to me.
upvoted 0 times
...