A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?
The most likely cause of external IPs communicating with internal computers during off hours is a botnet. Botnets consist of networks of compromised computers that are controlled by an attacker, often through a command and control server. These activities typically take place covertly and can occur during off hours when they are less likely to be noticed. Ransomware seeks to encrypt files and demand ransom, polymorphic malware focuses on evading detection by frequently changing its code, and armored viruses are designed to resist reverse engineering and detection, but none of these specifically explain the off-hours communication to external IPs as directly as a botnet.
A botnet is designed to attack during off hours; it is manually controlled from a command center. All the others are not attacking anytime.
The key words are "some external IPs".