CertNexus Certified Cyber Secure Coder (CSC) — Question 76

Which of the following data sources could provide indication of a system compromise involving the exfiltration of data to an unauthorized destination?

Answer options

• A. IPS logs
• B. DNS logs
• C. SQL logs
• D. SSL logs

Correct answer: A

Explanation

IPS logs are designed to detect and log intrusion attempts, making them useful for identifying unauthorized data exfiltration. DNS logs primarily track domain name queries, and while they can show suspicious activity, they don't directly indicate data transfers. SQL logs focus on database queries and activities, which are not typically related to data exfiltration events. SSL logs monitor encrypted traffic but do not provide insights into the content being transmitted.