Question
Which of the following are characteristics of an advanced persistent threat? (Select three.)
answer
Spend little time gathering intelligence
Number of days since the software release
No patches available to protect a system
Target large organizations
Develop highly specific exploits
Not included in security scans
Remove evidence of the attack
answer
Spend little time gathering intelligence
Number of days since the software release
No patches available to protect a system
Target large organizations
Develop highly specific exploits
Not included in security scans
Remove evidence of the attack
Answers
GPT-5 mini
Selected (three):
- Target large organizations — APTs usually go after high-value targets (enterprises, governments) for strategic/long-term objectives.
- Develop highly specific exploits — they create tailored, sophisticated tools (including custom malware and targeted exploits) for their victims.
- Remove evidence of the attack — stealth and anti-forensics to maintain persistence and avoid detection are hallmark behaviors.
Why the others were not chosen:
- Spend little time gathering intelligence — false; APTs invest significant time in reconnaissance.
- Number of days since the software release — irrelevant as a defining APT characteristic.
- No patches available to protect a system — while APTs sometimes use zero-days, lack of a patch is not a required characteristic for all APTs.
- Target large organizations — APTs usually go after high-value targets (enterprises, governments) for strategic/long-term objectives.
- Develop highly specific exploits — they create tailored, sophisticated tools (including custom malware and targeted exploits) for their victims.
- Remove evidence of the attack — stealth and anti-forensics to maintain persistence and avoid detection are hallmark behaviors.
Why the others were not chosen:
- Spend little time gathering intelligence — false; APTs invest significant time in reconnaissance.
- Number of days since the software release — irrelevant as a defining APT characteristic.
- No patches available to protect a system — while APTs sometimes use zero-days, lack of a patch is not a required characteristic for all APTs.