CompTIA CySA+ (CS0-003) — Question 477

An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?

Answer options

• A. Beaconing
• B. Cross-site scripting
• C. Buffer overflow
• D. PHP traversal

Correct answer: A

Explanation

The correct answer is A, as beaconing refers to a device periodically sending data to an external server, often for malicious purposes. The other options, such as Cross-site scripting, Buffer overflow, and PHP traversal, pertain to different types of vulnerabilities rather than the specific behavior of sending traffic to a known-malicious IP.