Question 74 of 160 from exam CS0-002: CompTIA CySA+

Prev Question Next Question

Question

A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident.

The analyst determines backups were not performed during this time and reviews the following:

g 8 §

o 88888

Monday
Bandwidth Mbps

0 1.23.45 6 7 8 9 1011 1213 1445 16 17 18 19 20 21 22 23

Inbound Outbound

Wednesday
Bandwidth Mbps

0123.45 6 7 & 9 10111213 14.15 16 17 18 19 20 21 22 23,
Inbound —Outbound

88888

o 88888

Tuesday
Bandwidth Mbps

0 1.2.3.4 5 6 7 8 9 10111213 1415 16 17 18 19 2021 2223
Inbound ——Outbound

Thursday
Bandwidth Mbps

0 1.2.3.4 5 6 7 8 9 1011 1213 1415 16 17 18 19 2021 2223
— Inbound ——Outbound

Which of the following should the analyst review to find out how the data was exfiltrated?

Answers

A. Monday`s logs

B. Tuesday`s logs

C. Wednesday`s logs

D. Thursday`s logs.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Prev Question Next Question