In: Other
An attacker has obtained the user ID and password of a data center's backup operator and has gained access to a production system. Which of the following would be the attacker's NEXT action?
A.Perform a passive reconnaissance of the network.
B.Initiate a confidential data exfiltration process
C.Look for known vulnerabilities to escalate privileges
D.Create an alternate user ID to maintain persistent access
Solution : The correct answer is “option B”.
Initiate a confidential data exfiltration process.
Explanation :
Data exfiltration is a technique or a security breach that is used by malicious attackers in order to copy, retrieve and transfer the confidential and sensitive data from a target computer or server. Some of the common targets for these types of breach are copying or retrieving the confidential financial records or information about someone’s trade/business secrets and sensitive personal information. Hence, the attacker will quickly try to initiate the data exfiltration process so that he is able to obtain as much as information without getting identified.