πŸ”₯ 40% Off Crucial Exams Memberships β€” This Week Only

2 days, 12 hours remaining!
Crucial Exams

ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

A security analyst established a baseline for a Linux bastion host showing fewer than 50 000 outbound packets per hour, almost all SSH traffic to internal subnets. Three weeks later, VPC Flow Logs reveal 1.8 million outbound packets in 15 minutes to random public IP addresses on TCP port 445. How should the analyst classify this activity?

  • Harmless internal file-sharing traffic; port 445 traffic is typical inside the VPC.

  • An anomaly suggesting the instance may be compromised and attempting data exfiltration or worm propagation.

  • Expected overhead from the Amazon CloudWatch agent sending enhanced monitoring metrics.

  • A normal burst caused by AWS Systems Manager Patch Manager downloading updates.

ISC2 Systems Security Certified Practitioner (SSCP)
Risk Identification, Monitoring and Analysis
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot