Performing CyberOps Using Cisco Security Technologies (CBRCOR) — Question 95

A SOC analyst is notified by the network monitoring tool that there are unusual types of internal traffic on IP subnet 103.921.2239.0/24. The analyst discovers unexplained encrypted data files on a computer system that belongs to that specific subnet. What is the cause of the issue?

Answer options

Correct answer: D

Explanation

The presence of unexplained encrypted data files suggests that malicious software is at work, which aligns with a malware outbreak. A DDoS attack primarily focuses on overwhelming a system, while phishing and virus outbreaks do not directly explain the encrypted files found.