A security administrator has uncovered a covert channel used to exfiltrate confidential data from an internal database server through a compromised corporate web server. Ongoing exfiltration is accomplished by embedding a small amount of data extracted from the database into the metadata of images served by the web server. File timestamps suggest that the server was initially compromised six months ago using a common server misconfiguration.
Which of the following BEST describes the type of threat being used?
(choose one and why)
A. APT
B. Zero-day attack
C. Man-in-the-middle attack
D. XSS
Solution
Explanation
APT means Advanced Persistent Threat
It is a prolonged and targeted security attack
Intruders or hackers access a network and remains undetected for an extended period of ime
the main goal of APT attack is monitor network activity and steal data rather than cause damage to network or company
from the question we can clearly understand it is an APT attack
because data was extracted from the server
server was compromised six months ago so it remains undetected for certain period of time
--
all the best
A security administrator has uncovered a covert channel used to exfiltrate confidential data from an internal...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...