Palo Alto Networks Certified Detection and Remediation Analyst (PCDRA) — Question 43

What is by far the most common tactic used by ransomware to shut down a victim’s operation?

Answer options

• A. preventing the victim from being able to access APIs to cripple infrastructure
• B. denying traffic out of the victims network until payment is received
• C. restricting access to administrative accounts to the victim
• D. encrypting certain files to prevent access by the victim

Correct answer: D

Explanation

The correct answer is D because ransomware typically encrypts files, making them inaccessible to the victim until a ransom is paid. The other options involve blocking access or denying services, which are tactics but not as widely used as file encryption.