CompTIA Security+ (SY0-601) — Question 563

An administrator is investigating an incident and discovers several users’ computers were infected with malware after viewing files that were shared with them. The administrator discovers no degraded performance in the infected machines and an examination of the log files does not show excessive failed logins. Which of the following attacks is most likely the cause of the malware?

Answer options

• A. Malicious flash drive
• B. Remote access Trojan
• C. Brute-forced password
• D. Cryptojacking

Correct answer: B

Explanation

The correct answer is B, as a Remote Access Trojan can be delivered through shared files and would not necessarily cause noticeable performance issues or failed logins. Options A, C, and D do not fit the scenario: a malicious flash drive requires physical access, a brute-forced password attack typically results in failed login attempts, and cryptojacking focuses on using resources for cryptocurrency mining rather than direct malware infection via shared files.