CertNexus Certified Cyber Secure Coder (CSC) — Question 14

A first responder notices a file with a large amount of clipboard information stored in it. Which part of the MITRE ATT&CK matrix has the responder discovered?

Answer options

• A. Collection
• B. Discovery
• C. Lateral movement
• D. Exfiltration

Correct answer: D

Explanation

The correct answer is D, Exfiltration, as it involves the unauthorized transfer of data outside a network, which is indicated by the presence of clipboard information in the file. The other options, such as Collection, Discovery, and Lateral movement, do not specifically pertain to the act of transferring data out of the environment.