Refer to the exhibit. An engineer is analyzing a PCAP file after a recent breach. An engineer identified that the attacker used an aggressive ARP scan to scan the hosts and found web and SSH servers. Further analysis showed several SSH Server Banner and Key Exchange Initiations. The engineer cannot see the exact data being transmitted over an encrypted channel and cannot identify how the attacker gained access. How did the attacker gain access?

A. by using an SSH Tectia Server vulnerability to enable host-based authentication

B. by using brute force on the SSH service to gain access

C. by using the buffer overflow in the URL catcher feature for SSH

D. by using an SSH vulnerability to silently redirect connections to the local host








 

Suggested Answer: D



This question is in 200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) Exam
For getting Cisco Certified CyberOps Associate Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.