nerdexam
EC-Council

312-50V10 · Question #835

John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time

The correct answer is A. Advanced persistent. An Advanced Persistent Threat (APT) is defined by long-term covert network access aimed at continuous data exfiltration without detection or visible disruption.

Information Security and Ethical Hacking Fundamentals

Question

John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?

Options

  • AAdvanced persistent
  • Bthreat Diversion theft
  • CSpear-phishing sites
  • Dinsider threat

How the community answered

(62 responses)
  • A
    90% (56)
  • B
    6% (4)
  • C
    2% (1)
  • D
    2% (1)

Why each option

An Advanced Persistent Threat (APT) is defined by long-term covert network access aimed at continuous data exfiltration without detection or visible disruption.

AAdvanced persistentCorrect

An Advanced Persistent Threat (APT) is a sophisticated, prolonged cyberattack in which the attacker gains unauthorized access and remains undetected inside a target network for an extended period while continuously exfiltrating sensitive data. APT actors deliberately avoid causing visible damage or triggering alerts, as their goal is sustained intelligence gathering rather than immediate disruption - exactly matching John's behavior in the scenario.

Bthreat Diversion theft

Diversion theft refers to intercepting or redirecting physical or financial deliveries to an unintended location, and is not a technique for covert long-term network infiltration.

CSpear-phishing sites

Spear-phishing is a targeted social engineering email technique used to gain initial access to a system, not a method for maintaining prolonged undetected presence inside a network.

Dinsider threat

An insider threat originates from a person who already has legitimate authorized access to the organization, whereas John gained unauthorized external access to the target network.

Concept tested: Advanced Persistent Threat long-term stealthy exfiltration

Source: https://www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats

Topics

#APT#advanced persistent threat#stealthy intrusion#network attack techniques

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice