CompTIA Security+ (SY0-501) — Question 552

A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file download from a social media site and subsequently installed it without the user's knowledge. Since the compromise, the attacker was able to take command and control of the computer systems anonymously while obtaining sensitive corporate and personal employee information. Which of the following methods did the attacker MOST likely use to gain access?

Answer options

• A. A bot
• B. A fileless virus
• C. A logic bomb
• D. A RAT

Correct answer: A

Explanation

The attacker most likely used a bot to gain access, as bots can automate tasks and provide remote control of compromised systems. A fileless virus typically operates in memory and does not require a file download, a logic bomb is triggered by a specific event rather than ongoing access, and a RAT (Remote Access Trojan) is more focused on remote control rather than the initial compromise method described in this scenario.