Exam SY0-601
Question 525

Several users have opened tickets with the help desk. The help desk has reassigned the tickets to a security analyst for further review. The security analyst reviews the following metrics:

Which of the following is most likely the result of the security analyst's review?

    Correct Answer: C

    The metrics provided indicate a significant increase in both CPU utilization and network connections across all the PCs compared to their normal values. These substantial changes are characteristic of a botnet infection, where compromised computers are controlled remotely to perform various malicious activities, such as sending spam or participating in DDoS attacks. The simultaneous and substantial rise in these metrics for all listed PCs strongly suggests that they are being used for purposes beyond their intended functionality, which is a typical symptom of a botnet.
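The reasoning in the explanation above, written as a triage check. This is an added example, not part of the original page. The thresholds, host names and sample values are constructed assumptions, because the question's metrics table is not reproduced here.

```python
from dataclasses import dataclass

@dataclass
class HostMetrics:
    name: str
    cpu_normal: float    # baseline CPU utilization, percent
    cpu_current: float   # observed CPU utilization, percent
    conns_normal: int    # baseline concurrent network connections
    conns_current: int   # observed concurrent network connections

# Assumed thresholds (not from the page); tune against your own baselines.
CPU_RATIO = 2.0        # current CPU at least 2x normal
CONN_RATIO = 5.0       # current connections at least 5x normal
FLEET_FRACTION = 0.75  # share of hosts that must deviate together

def deviates(h: HostMetrics) -> bool:
    """True only when CPU and connection count are both far above baseline."""
    cpu_up = h.cpu_current >= CPU_RATIO * max(h.cpu_normal, 1.0)
    conns_up = h.conns_current >= CONN_RATIO * max(h.conns_normal, 1)
    return cpu_up and conns_up

def triage(hosts: list[HostMetrics]) -> tuple[str, list[str]]:
    """Classify the pattern. The result is an investigation lead, not proof."""
    flagged = [h.name for h in hosts if deviates(h)]
    if not flagged:
        return "normal", flagged
    if len(flagged) / len(hosts) >= FLEET_FRACTION:
        # Many hosts changing together points at a shared cause, such as
        # common malware under remote control, rather than one busy user.
        return "fleet-wide", flagged
    return "isolated", flagged

# Constructed sample data: three of four PCs deviate at the same time.
FLEET = [
    HostMetrics("PC1", 10, 65, 20, 450),
    HostMetrics("PC2", 12, 70, 25, 600),
    HostMetrics("PC3", 8, 60, 15, 380),
    HostMetrics("PC4", 15, 20, 30, 35),
]
# Constructed sample data: a single busy workstation.
ONE_BUSY = [
    HostMetrics("PC1", 10, 65, 20, 450),
    HostMetrics("PC2", 12, 14, 25, 28),
    HostMetrics("PC3", 8, 9, 15, 17),
    HostMetrics("PC4", 15, 20, 30, 35),
]

if __name__ == "__main__":
    print(triage(FLEET))
    print(triage(ONE_BUSY))
```

A "fleet-wide" result justifies pulling process lists and connection destinations from the flagged hosts; the metrics alone do not identify the malware family or confirm remote control.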

Discussion
ApplebeesWaiter1122 (Option: C)

In your computer, in your computer Zombie, zombie, zombie-ie-ie What's in your computer, in your computer? Zombie, zombie, zombie-ie-ie-ie, oh

honeybussy

meaning? I'm lost, can someone please explain?

ballum

It's a song by the Beach Boys

TM78 (Option: C)

C. Corporate PCs…botnet This is my favorite question in this dump…dunno why…I hope I see it on the exam. :D

sujon_london (Option: C)

The metrics show a significant increase in both CPU utilization and network connections for all the listed PCs compared to their normal values. This could indicate that the machines are being used for unauthorized activities. The current CPU utilization of all the PCs is significantly higher than the normal CPU utilization. This indicates that the PCs are running a lot of processes, which is a common symptom of a botnet infection. The number of current network connections for all the PCs is also significantly higher than the normal number of network connections. This is another common symptom of a botnet infection. A botnet is a network of computers that have been infected with malware and controlled by a remote attacker. The attacker can use the botnet to carry out a variety of malicious activities, such as sending spam, launching DDoS attacks, or stealing data.

rline63 (Option: C)

I don't understand, this seems like an extreme conclusion given the relative lack of info. I guess you're supposed to pick what seems the most likely but seeing there's a large amount of traffic and immediately saying it's a botnet is a bit much.

playerblue (Option: C)

None of the other answers make sense.

cyberPunk28 (Option: C)

Based on current network connections, going with C. Corporate PCs have been turned into a botnet.

Gamsje (Option: C)

Botnet I choose C