Free CompTIA CySA+ CS0-003 Practice Question

An incident responder observes traffic indicating an external server is receiving exfiltrated data from a host within the company's DMZ. This activity seems to be controlled by a command structure that adapts to changing network configurations. To which two consecutive stages of the cyber kill chain does this scenario most accurately correspond?

  • Establish Foothold and Command & Control (C2)

  • Command & Control (C2) and Exfiltration

  • Exfiltration and Actions on Objectives

  • Weaponization and Delivery

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.