350-201(NEW-127Q) · Question #29
350-201(NEW-127Q) Question #29: Real Exam Question with Answer & Explanation
The correct answer is B. data extortion. Option B is correct because the scenario describes a classic ransomware/data extortion attack: employees lose access to files on network shares (the data has been encrypted or locked by attackers), followed by a mass email delivery (the ransom demand threatening to destroy or pub
Question
Options
- Adata masking
- Bdata extortion
- Cdata leakage
- Ddata shuffling
Explanation
Option B is correct because the scenario describes a classic ransomware/data extortion attack: employees lose access to files on network shares (the data has been encrypted or locked by attackers), followed by a mass email delivery (the ransom demand threatening to destroy or publish data unless payment is made). The two events together - disruption of access plus a threatening communication - are the hallmark of data extortion.
Why the distractors are wrong:
- A. Data masking is a defensive technique used to obscure sensitive data in non-production environments - it's not an attack.
- C. Data leakage refers to unauthorized data leaving the organization (exfiltration), but the scenario emphasizes loss of access and a demand, not data being quietly stolen and exposed.
- D. Data shuffling is another anonymization/data-protection method, not a threat type at all.
Memory tip: Think "extortion = blocked + blackmail." If you see two simultaneous events - access disruption AND a suspicious/threatening communication - link it to extortion. Ransomware always has two phases: the lock and the demand.
Topics
Community Discussion
No community discussion yet for this question.