An application owner reports suspicious activity on an internal financial application from various internal users within the past 14 days. A security analyst notices the following: · Financial transactions were occurring during irregular time frames and outside of business hours by unauthorized users. · Internal users in question were changing their passwords frequently during that time period. · A jump box that several domain administrator users use to connect to remote devices was recently compromised. · The authentication method used in the environment is NTLM. Which of the following types of attacks is most likely being used to gain unauthorized access?

Questions › Category: SY0-601 › An application owner reports suspicious activity on an internal financial application from various internal users within the past 14 days. A security analyst notices the following: · Financial transactions were occurring during irregular time frames and outside of business hours by unauthorized users. · Internal users in question were changing their passwords frequently during that time period. · A jump box that several domain administrator users use to connect to remote devices was recently compromised. · The authentication method used in the environment is NTLM. Which of the following types of attacks is most likely being used to gain unauthorized access?

0 Vote Up Vote Down

Admin Staff asked 12 months ago

An application owner reports suspicious activity on an internal financial application from various internal users within the past 14 days. A security analyst notices the following:
· Financial transactions were occurring during irregular time frames and outside of business hours by unauthorized users. · Internal users in question were changing their passwords frequently during that time period. · A jump box that several domain administrator users use to connect to remote devices was recently compromised.
· The authentication method used in the environment is NTLM.
Which of the following types of attacks is most likely being used to gain unauthorized access?

A. Pass-the-hash

B. Brute-force

C. Directory traversal

D. Replay





 

Correct Answer: A

This question is in SY0-601 exam
For getting CompTIA Security+ certificate

Cisco IOS Popular Commands

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password

Cisco IOS Popular Commands

Related Questions

Recommended

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Fortinet NSE 4 – FortiOS 7.2 certificate

Welcome Back!

Create New Account!

Retrieve your password