An organization's intrusion detection system (IDS) flags an executable file behaving suspiciously, trying to access system files and sending data to an external IP. However, the file's signature is not present in the malware database. This situation might be an instance of:
- APT (Advanced Persistent Threat)
- False Positive
- Polymorphic Malware
- Zero-Day Exploit
Because the behavior is suspicious but the file's signature is not recognized, this could indicate a zero-day exploit: an attack that exploits a vulnerability unknown to the software vendor.