300-220 · Question #104
300-220 Question #104: Real Exam Question with Answer & Explanation
The correct answer is C. A long-term, targeted attack campaign. C is correct because an APT is defined by its long-term, stealthy, and highly targeted nature - attackers (often nation-states or sophisticated criminal groups) infiltrate a specific organization and maintain persistent access over months or years to exfiltrate data or achieve st
Question
Options
- AA short-term financial fraud scheme
- BA quickly evolving malware variant
- CA long-term, targeted attack campaign
- DAn opportunistic ransomware attack
Explanation
C is correct because an APT is defined by its long-term, stealthy, and highly targeted nature - attackers (often nation-states or sophisticated criminal groups) infiltrate a specific organization and maintain persistent access over months or years to exfiltrate data or achieve strategic goals.
Why the distractors fail:
- A (financial fraud) describes social engineering or scam schemes, which are typically short-lived and untargeted - the opposite of an APT's profile.
- B (quickly evolving malware) describes polymorphic or rapidly mutating malware; APTs can use malware, but their defining trait is persistence and patience, not speed of evolution.
- D (opportunistic ransomware) is the key contrast - opportunistic attacks cast a wide net indiscriminately, whereas APTs are surgical, patient, and aimed at a specific high-value target.
Memory tip: Break down the acronym - Advanced (sophisticated, well-resourced), Persistent (long-term, patient), Threat (targeted, intentional). If any answer implies "fast," "broad," or "short-term," eliminate it immediately.
Topics
Community Discussion
No community discussion yet for this question.