contestada

An attacker has obtained the user ID and password of a data center's backup operator and has gained access to a production system. Which of the following would be the attacker's NEXT action?
A. Perform a passive reconnaissance of the network.
B. Initiate a confidential data exfiltration process
C. Look for known vulnerabilities to escalate privileges
D. Create an alternate user ID to maintain persistent access

Respuesta :

sandlee09

Answer:

D.

Explanation:

Based on the information provided surrounding this scenario, it can be said that the most likely next course of action would be to create an alternate user ID to maintain persistent access. This would allow the attacker to have continuous access into the network in the case that the system administrators detect that the operator's user ID and password have been compromised. Thus also giving the attacker ample time to infiltrate and find vulnerabilities in the network through an alternate hidden user ID.

Otras preguntas