When reviewing a security assessment report, analysts notice that several security incidents coincide with outgoing traffic spikes at regular intervals. What is the most likely explanation for these observations?
Command and Control (C2) server communication is likely causing the traffic spikes and related security incidents.
An internal user is downloading large files periodically, which aligns with the traffic spikes.
The web server is performing automatic updates at set intervals, causing the observed traffic.
The organization is experiencing normal traffic burst due to scheduled backups.