What are the two ways threat actors use NTP? (Choose two.)
- They place an attachment inside an email message.
- They attack the NTP infrastructure in order to corrupt the information used to log the attack.
- They place iFrames on a frequently used corporate web page.
- They encode stolen data as the subdomain portion where the nameserver is under control of an attacker.
- Threat actors use NTP systems to direct DDoS attacks.
Explanation: Threat actors may attempt to attack the NTP infrastructure in order to corrupt time information used to correlate logged network events. This can serve to obfuscate traces of ongoing exploits. In addition, threat actors have been known to use NTP systems to direct DDoS attacks through vulnerabilities in client or server software. While these attacks do not necessarily result in corrupted security monitoring data, they can disrupt network availability.
Exam with this question: CyberOps Associate Final Exam Answers
Please login or Register to submit your answer