
CompTIA CASP CAS-005 Question # 4 Topic 1 Discussion

CAS-005 Exam Topic 1 Question 4 Discussion:
Question #: 4
Topic #: 1

Source code snippets for two separate malware samples are shown below:

Sample 1:

knockEmDown(String e) {
    if(target.isAccessed()) {
        target.toShell(e);
        System.out.println(e.toString());
        c2.sendTelemetry(target.hostname.toString + " is " + e.toString());
    } else {
        target.close();
    }
}

Sample 2:

targetSys(address a) {
    if(address.isIPv4()) {
        address.connect(1337);
        address.keepAlive("paranoid");
        String status = knockEmDown(address.current);
        remote.sendC2(address.current + " is " + status);
    } else {
        throw Exception e;
    }
}

Which of the following describes the most important observation about the two samples?


A. Telemetry is first buffered and then transmitted in paranoid mode.

B. The samples were probably written by the same developer.

C. Both samples use IP connectivity for command and control.

D. Sample 1 is the target agent while Sample 2 is the C2 server.
