Exam 312-50v12 Topic 2 Question 149 Discussion
Actual exam question for ECCouncil's 312-50v12 exam
Question #: 149
Topic #: 2
Question #: 149
Topic #: 2
Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfilltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs, what type of malware did the attacker use to bypass the company's application whitelisting?
Suggested Answer: C Vote an answer
https://www.mcafee.com/enterprise/en-us/security-awareness/ransomware/what-is-fileless-malware.html Fileless malware can easily evade various security controls, organizations need to focus on monitoring, detecting, and preventing malicious activities instead of using traditional approaches such as scanning for malware through file signatures.Also known as non-malware, infects legitimate software, applications, and other protocols existing in the system to perform various malicious activities.It resides in the system's RAM. It injects malicious code into the running processes. (P.966/950)
by Miranda at Feb 14, 2024, 02:46 PM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).