An administrator investigating intermittent network communication problems has identified an excessive amount of traffic from an external-facing host to an unknown location on the Internet. Which of the following BEST describes what is occurring?
An administrator investigating intermittent network communication problems has identified an excessive amount of traffic from an external-facing host to an unknown location on the Internet. Which of the following BEST describes what is occurring?
B. A malicious user is exporting sensitive data. Explanation: The scenario describes excessive traffic from an external-facing host to an unknown location on the Internet, which suggests the possibility of data exfiltration. Why the other answers are less suitable: A. The network is experiencing a denial of service (DoS) attack: A DoS attack typically involves overwhelming a target with inbound traffic to disrupt services, not outbound traffic to an unknown destination. C. Rogue hardware has been installed: Rogue hardware refers to unauthorized devices installed on the network, but the scenario focuses on abnormal traffic patterns rather than unauthorized devices. D. An administrator has misconfigured a web proxy: While a misconfigured proxy could cause connectivity issues, it would not typically result in excessive traffic to an unknown external destination.