CompTIA Security+ (SY0-601) — Question 702
A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any servers were found. Which of the following attacks was MOST likely used to cause the data loss?
Answer options
- A. Logic bomb
- B. Ransomware
- C. Fileless virus
- D. Remote access Trojans
- E. Rootkit
Correct answer: A
Explanation
The most likely attack is a logic bomb: code designed to execute a malicious action, such as deleting data, when specific conditions are met. This matches the analyst's finding that software on the servers was configured to delete data deliberately. Ransomware typically encrypts data rather than deleting it, while a fileless virus operates in memory and does not remove files. Remote access Trojans and rootkits focus on gaining unauthorized access and maintaining stealth rather than directly deleting data, and no backdoors were found on any server.