The function of a command and control (C2) server is to send instructions to a compromised system, also known as a bot or a zombie. Once a system is compromised by malware such as a botnet, the C2 server acts as a central point of control for the attacker to send commands to the compromised systems. These commands could include downloading additional malware or executing specific commands on the compromised system, such as launching a distributed denial-of-service (DDoS) attack or stealing sensitive information.
Enumerating open ports on a network device is a network scanning technique that is not directly related to the function of a C2 server. Dropping secondary payloads into malware may be a function of a specific type of malware, but it is not a primary function of a C2 server. Regaining control of a network after a compromise is typically done through incident response procedures and is not a function of a C2 server.
B could be considered correct, but in the attack kill chain the malware is used to get access to the system. The command and control server is then used to get "hand on the keyboard" and from there start performing actions. So answer D is the correct answer.
See also: https://en.wikipedia.org/wiki/Kill_chain#Attack_phases_and_countermeasures
drdecker100
Highly Voted 1 year, 2 months ago
Leo_Visser
Highly Voted 2 years, 10 months ago
WISDOM2080
Most Recent 7 months, 3 weeks ago
kyle942
1 year, 7 months ago
halamah
2 years, 5 months ago