CompTIA Security+ (SY0-501) — Question 1009
An analyst is part of a team that is investigating a potential breach of sensitive data at a large financial services organization. The organization suspects a breach occurred when proprietary data was disclosed to the public. The team finds servers were accessed using shared credentials that have been in place for some time. In addition, the team discovers undocumented firewall rules, which provided unauthorized external access to a server. Suspecting the activities of a malicious insider threat, which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?
Answer options
- A. Keylogger
- B. Botnet
- C. Crypto-malware
- D. Backdoor
- E. Ransomware
- F. DLP
Correct answer: D
Explanation
The most probable method used to exfiltrate the proprietary data is a Backdoor, as it allows unauthorized access to a system while bypassing normal authentication methods. The other options, such as Keyloggers and Ransomware, focus on capturing keystrokes or encrypting data, but they may not directly facilitate unauthorized access like a Backdoor does.