CompTIA CySA+ (CS0-003) — Question 253

A security analyst has identified outgoing network traffic leaving the enterprise at odd times. The traffic appears to pivot across network segments and target domain servers. The traffic is then routed to a geographic location to which the company has no association. Which of the following best describes this type of threat?

Answer options

• A. Hacktivist
• B. Zombie
• C. Insider threat
• D. Nation-state actor

Correct answer: D

Explanation

The correct answer is D, as nation-state actors typically engage in sophisticated cyber activities that target organizations for espionage or disruption, often involving complex routing of traffic to foreign locations. Options A (Hacktivist) and C (Insider threat) do not fit because they imply different motivations and sources of the threat. Option B (Zombie) refers to compromised machines controlled by an attacker, which does not align with the described behavior of targeting domain servers.