Prepare for the CySA+ Exam with our comprehensive test. Study using flashcards and multiple-choice questions that include hints and explanations to ensure your success. Get exam-ready today!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.


During the command and control phase of an attack, what is one method used to maintain control over a compromised system?

  1. Empowering user privileges

  2. Opening a two-way communication channel

  3. Encrypting sensitive files

  4. Taking complete system backups

The correct answer is: Opening a two-way communication channel

During the command and control phase of an attack, establishing a two-way communication channel is critical for attackers to maintain ongoing access and control over compromised systems. This method allows the attacker to send commands and receive feedback from the victim's system, facilitating further malicious activities, data exfiltration, or the deployment of additional malware. This communication can often be achieved through various protocols, such as HTTP, HTTPS, or even through specific malware connections that enable the attacker to interact with the compromised system in real-time. The other methods listed do not primarily serve the purpose of maintaining ongoing control. Empowering user privileges can potentially create vulnerabilities but does not directly facilitate control. Encrypting sensitive files is typically a method used to secure data rather than control a system, and taking complete system backups is a strategy for data recovery, which is not related to command and control in the context of an ongoing attack.