Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

Fortinet NSE 7 - Security Operations 7.6 Architect NSE7_SOC_AR-7.6 Question # 22 Topic 3 Discussion

Fortinet NSE 7 - Security Operations 7.6 Architect NSE7_SOC_AR-7.6 Question # 22 Topic 3 Discussion

NSE7_SOC_AR-7.6 Exam Topic 3 Question 22 Discussion:
Question #: 22
Topic #: 3

Review the incident report:

Packet captures show a host maintaining periodic TLS sessions that imitate normal HTTPS traffic but run on TCP 8443 to a single external host. An analyst flags the traffic as potential command-and-control. During the same period, the host issues frequent DNS queries with oversized TXT payloads to an attacker-controlled domain, transferring staged files.

Which two MITRE ATT & CK techniques best describe this activity? (Choose two answers)


A.

Non-Standard Port


B.

Exploitation of Remote Services


C.

Exfiltration Over Alternative Protocol


D.

Hide Artifacts


Get Premium NSE7_SOC_AR-7.6 Questions

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.