CompTIA Security+ SY0-601 – Question446

A user reset the password for a laptop but has been unable to log in to it since then. In addition, several
unauthorized emails were sent on the user's behalf recently. The security team investigates the issue and
identifies the following findings:
Firewall logs show excessive traffic from the laptop to an external site.
Unknown processes were running on the laptop.
RDP connections that appeared to be authorized were made to other network devices from the laptop.
High bandwidth utilization alerts from that user's username.
Which of the following is most likely installed on the laptop?


A.
Worm
B. Keylogger
C. Trojan
D. Logic bomb

Correct Answer: C