According to the material, persistence in APT intrusions is manifested in two ways. Which option best describes these two manifestations?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards

From $9.99Unlock all

Prepare for the SANS FOR508 Exam. Use flashcards and multiple-choice questions, each with hints and explanations. Maximize your readiness for the test!

Multiple Choice

According to the material, persistence in APT intrusions is manifested in two ways. Which option best describes these two manifestations?

Persistence in APT intrusions means the attacker keeps access over time and expands their foothold without being easily removed. This shows up in two ways: first, maintaining a presence on the network, such as through backdoors, scheduled tasks, new or stolen credentials, or hidden services that keep an open line into the environment even after initial detection. Second, repeatedly attempting to gain entry to areas where presence is not yet established, meaning the attacker tries to move laterally, probe for new systems, or re-enter after containment to extend reach or recover from disruptions.

So the best description combines both aspects: keeping a foothold on the network and continually trying to access additional areas to broaden or reestablish access.

According to the material, persistence in APT intrusions is manifested in two ways. Which option best describes these two manifestations?

Prepare for the SANS FOR508 Exam. Use flashcards and multiple-choice questions, each with hints and explanations. Maximize your readiness for the test!

According to the material, persistence in APT intrusions is manifested in two ways. Which option best describes these two manifestations?

Get the latest from Examzify