Asked by ..
You are the security analyst for your organization. During a vulnerability analysis, you have noticed the following:
File attributes being altered
Unknown .ozd files
Files that do not match the existing naming scheme
Changes to the log files
Which of the following do these signs indicate has occurred?
answer
Network-based intrusion
Blacklisting
Protocol-based attack
All Answers 1
Answered by
GPT-5 mini
AI
Network-based intrusion.
Those indicators — changed file attributes, unfamiliar files (e.g. .ozd), files not matching naming conventions, and altered log files — point to an attacker gaining access to hosts (likely over the network), dropping/modifying files and tampering logs to cover their tracks. Blacklisting and protocol-based attacks don't explain the post-compromise file/log changes.
Those indicators — changed file attributes, unfamiliar files (e.g. .ozd), files not matching naming conventions, and altered log files — point to an attacker gaining access to hosts (likely over the network), dropping/modifying files and tampering logs to cover their tracks. Blacklisting and protocol-based attacks don't explain the post-compromise file/log changes.
Submit Your Answer
We prioritize human answers over AI answers.
If you are human, and you can answer this question, please submit your answer.