The scenario describes a prolonged, stealthy operation where files were exfiltrated over three months via secure channels (TLS-protected HTTP) from unexpected systems, then ceased. This aligns with an Advanced Persistent Threat (APT), characterized by long-term, targeted attacks aimed at data theft or surveillance, often using sophisticated methods to remain undetected.
Option A: Decrypting RSA with weak encryption implies a cryptographic attack, but TLS suggests modern encryption was used, and there’s no evidence of decryption here.
Option B: A zero-day attack exploits unknown vulnerabilities, but the duration and cessation suggest a planned operation, not a single exploit.
Option C: APT fits perfectly: slow, persistent exfiltration from unusual systems indicates a coordinated, stealthy threat actor.
Option D: An on-path (man-in-the-middle) attack intercepts traffic, but there’s no indication of interception; the focus is on unauthorized transfers.
[Reference: CompTIA SecurityX CAS-005 Domain 1: Risk Management – Threat Identification and Analysis.]