CompTIA CySA+ (CS0-001) — Question 28
After analyzing and correlating activity from multiple sensors, the security analyst has determined a group from a high-risk country is responsible for a sophisticated breach of the company network and continuous administration of targeted attacks for the past three months. Until now, the attacks went unnoticed.
This is an example of:
Answer options
- A. privilege escalation.
- B. advanced persistent threat.
- C. malicious insider threat.
- D. spear phishing.
Correct answer: B
Explanation
The situation described is indicative of an advanced persistent threat (APT), where an attacker maintains a prolonged presence on a network, often associated with sophisticated methods and targeted strategies. Privilege escalation refers to gaining higher access rights, which isn't the main focus here. A malicious insider threat involves someone within the organization, while spear phishing is a targeted phishing attempt; neither applies to the overall external threat depicted.