CompTIA CySA+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the CompTIA CySA+ Exam with comprehensive tests and detailed explanations. Enhance your knowledge with multiple question formats and expert insights. Ace your exam with confidence!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

What does beaconing indicate in the context of cybersecurity?

  1. Routine network maintenance activity

  2. A successful data exfiltration

  3. Communication attempts by compromised systems to command and control servers

  4. A system performing self-diagnostics

The correct answer is: Communication attempts by compromised systems to command and control servers

Beaconing in the context of cybersecurity refers to the behavior exhibited by compromised systems that engage in regular communication attempts with command and control (C2) servers. This activity is characteristic of malware or compromised devices trying to maintain contact with an external entity that can issue commands, share instructions, or receive stolen data. When a system is compromised, attackers often rely on beaconing to establish a persistent presence within the network. This communications pattern can be detected through anomalous network traffic, where the infected system pings a specific external address at defined intervals. This behavior is particularly concerning as it can signify that a system has been infiltrated and is being used to relay sensitive information or execute further malicious commands. Understanding beaconing is critical in cybersecurity as it helps in identifying and responding to potential threats, facilitating the detection of intrusions, and analyzing indicators of compromise (IOCs). The other options outlined do not accurately represent the implication of beaconing, as they pertain to benign or unrelated network activities rather than the malicious communication associated with compromised systems.

More Questions Like This