{"id":3522,"date":"2023-12-03T18:53:29","date_gmt":"2023-12-03T18:53:29","guid":{"rendered":"https:\/\/exampracticetests.com\/c\/SY0-601\/comptia-security-sy0-601-question296\/"},"modified":"2023-12-03T18:53:29","modified_gmt":"2023-12-03T18:53:29","slug":"comptia-security-sy0-601-question296","status":"publish","type":"post","link":"https:\/\/exampracticetests.com\/c\/SY0-601\/comptia-security-sy0-601-question296\/","title":{"rendered":"CompTIA Security+ SY0-601 &#8211; Question296"},"content":{"rendered":"<div class=\"question\">While checking logs, a security engineer notices a number of end users suddenly downloading files with the<br \/>\n.tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not<br \/>\ninitiate any of the downloads. Further investigation reveals the end users all clicked on an external email<br \/>\ncontaining an infected MHT file with an href link a week prior. Which of the following is MOST likely<br \/>\noccurring?<br \/>\n<br \/><strong><br \/>A.<\/strong> A RAT was installed and is transferring additional exploit tools.<br \/><strong>B.<\/strong> The workstations are beaconing to a command-and-control server.<br \/><strong>C.<\/strong> A logic bomb was executed and is responsible for the data transfers.<br \/><strong>D.<\/strong> A fileless virus is spreading in the local network environment<\/div>\n<p><\/p>\n<style> .hidden-div{ display:none } <\/style>\n<p>\t\t\t\t\t\t\t<button onclick=\"getElementById('hidden-div').style.display = 'block'\"> Show Answer <\/button> <button onclick=\"getElementById('hidden-div').style.display = 'none'\">Hide Answer<\/button><\/p>\n<div class=\"hidden-div\" id=\"hidden-div\"><span style=\"\"><\/p>\n<div class=\"answer\">Correct Answer: <strong>B<\/strong><\/div>\n<p><\/strong><\/span> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,299],"class_list":["post-3522","post","type-post","status-publish","format-standard","hentry","category-comptia-security-sy0-601","tag-comptia-security-sy0-601","tag-question-296"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts\/3522","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/comments?post=3522"}],"version-history":[{"count":0,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/posts\/3522\/revisions"}],"wp:attachment":[{"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/media?parent=3522"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/categories?post=3522"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exampracticetests.com\/c\/SY0-601\/wp-json\/wp\/v2\/tags?post=3522"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}