CompTIA CySA+ Practice Test

How should a sophisticated breach of the network that has occurred over several months be classified?

• A. Advanced persistent threat (APT)
• B. Spear phishing
• C. Insider threat
• D. Privilege escalation

The correct answer is: Advanced persistent threat (APT)

A sophisticated breach of the network that takes place over several months is best classified as an Advanced Persistent Threat (APT). APTs are characterized by their targeted nature, often involving prolonged and covert access to a network. Threat actors behind APTs typically conduct extensive reconnaissance, establish a foothold in the network, and move laterally over time to achieve their objectives, which may include data theft or system compromise. APTs are distinguished by their complexity and persistence, making them different from other threats that may be more opportunistic or require less time and sophistication to carry out. The gradual infiltration and continuous presence within the network support the classification as an APT, as these threats aim to maintain long-term access rather than executing a quick attack. Other options, while relevant to cybersecurity, do not specifically describe a long-term, sophisticated breach. Spear phishing refers to targeted email attacks against specific individuals or organizations but does not inherently imply prolonged engagement. An insider threat involves individuals within the organization misusing their access, which may not necessarily feature the sophisticated techniques common in APTs. Privilege escalation is a technique used during attacks to gain higher access on a network but does not denote the overall nature or strategy behind a long-term breach. Hence, the definition and