Question
Which of the following techniques are likely associated with advanced persistent threat (APT) activity? (Select three.)
answer
Anti-forensic techniques
OpenIoC
Structured Threat Information eXpression (STIX)
Trying out scripts found on a hacker blog
The presence of C&C
The exfiltration of personally identifiable information (PII)
Trusted Automated eXchange of Indicator Information (TAXII)
Answers
Answered by
GPT-4o mini
The techniques likely associated with advanced persistent threat (APT) activity are:
1. **Anti-forensic techniques** - APT actors often employ anti-forensics to evade detection and maintain their access to the target systems.
2. **The presence of C&C (Command and Control)** - APTs typically establish Command and Control infrastructure to maintain communication with compromised systems and control them remotely.
3. **The exfiltration of personally identifiable information (PII)** - APTs often aim to extract sensitive information, which can include PII, from targeted environments as part of their objectives.
The other options listed (OpenIoC, Structured Threat Information eXpression (STIX), Trusted Automated eXchange of Indicator Information (TAXII), and trying out scripts found on a hacker blog) may be related to threat intelligence or investigation but are not specifically indicative of APT activity.