CompTIA CySA+ (CS0-001) — Question 97
A security analyst has noticed that a particular server has consumed over 1TB of bandwidth over the course of the month. It has port 3333 open; however, there have not been any alerts or notices regarding the server or its activities. Which of the following did the analyst discover?
Answer options
- A. APT
- B. DDoS
- C. Zero day
- D. False positive
Correct answer: C
Explanation
The correct answer is C, Zero day: the scenario indicates the presence of an undiscovered vulnerability that could be exploited without detection. An APT (A) is an advanced persistent threat, which typically involves a prolonged and targeted attack, and that does not match this scenario. DDoS (B) is a distributed denial-of-service attack aimed at overwhelming a service, but here the bandwidth usage isn't linked to such an attack. A false positive (D) would mean that alerts had been triggered incorrectly, but no alerts have been reported at all.