
What is known about the alert based on this TTP even if other parts of the alert are unknown?

An administrator receives an alert with the TTP DATA_TO_ENCRYPTION.

What is known about the alert based on this TTP even if other parts of the alert are unknown?
A. A process attempted to delete encrypted data on the disk.
B. A process attempted to write a file to the disk.
C. A process attempted to modify a monitored file written by the sensor.
D. A process attempted to transfer encrypted data on the disk over the network.

Answer: B
