CompTIA CySA+ Practice Test

What is a common tactic employed by an Advanced Persistent Threat (APT)?

• A. A sophisticated DDoS attack
• B. Gaining data access while remaining undetected
• C. Exploiting unpatched application vulnerabilities
• D. Employing ransomware to encrypt data

The correct answer is: Gaining data access while remaining undetected

An Advanced Persistent Threat (APT) is characterized by its stealthy approach and long-term commitment to infiltrating a target's network with the intent of gathering intelligence or stealing sensitive data. One of the hallmark tactics of APTs is to gain access to data while remaining undetected. This enables them to operate within a network for an extended period without raising alarms, allowing them to collect intelligence, manipulate data, or prepare for future attacks. APTs often employ various techniques for maintaining persistence, such as using custom malware, maintaining backdoors, and utilizing cleverly designed social engineering tactics. The emphasis is on stealth and the ability to exploit network resources without tripping security defenses, often gathering information gradually over time instead of executing immediate, disruptive actions. While the other choices might describe tactics used by different types of cyber threats, they are not as representative of the APT strategy. For instance, a sophisticated DDoS attack generally aims at overwhelming services and is more disruptive than stealthy. Exploiting unpatched application vulnerabilities is a common tactic but typically relates to broader attack strategies rather than the long-term focus of an APT. Similarly, employing ransomware is more associated with financial gain or disruption rather than the stealthy and intelligence-gathering focus typical of an