Question

Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be?

a) DDoS attack
b) Man-in-the-middle attack
c) Insider threat
d) Data exfiltration attack

Answer 1

The observed activity suggests a data exfiltration attack, where data is rapidly copied across systems and devices. Preventive measures include firewalls, intrusion detection systems, and encryption mechanisms.

Step-by-step explanation:

Garfield is observing a situation where a particular application in the production environment is being rapidly copied across multiple systems and devices. This activity suggests the presence of a Data exfiltration attack. A data exfiltration attack involves unauthorized data being rapidly extracted from a network or system, usually by an attacker seeking to steal sensitive information.

During a data exfiltration attack, an attacker tries to rapidly copy data from a network or system, possibly using different devices and users, as observed in Garfield's scenario.

To prevent or detect data exfiltration attacks, organizations can implement security controls such as firewalls, intrusion detection systems, and encryption mechanisms.