CompTIA Security+ SY0-601 – Question208

An analyst is reviewing logs associated with an attack. The logs indicate an attacker downloaded a malicious
file that was quarantined by the AV solution. The attacker utilized a local non-administrative account to restore
the malicious file to a new location. The file was then used by another process to execute a payload. Which of
the following attacks did the analyst observe?


A.
Privilege escalation
B. Request forgeries
C. Injection
D. Replay attack

Correct Answer: A