Questions
Questions

Introduction to Security and Forensic Technologies (052025-MHH) Case study: Office 365 - A Favorite for Cyberattack Persistence (IAM)

Matching

Match the descriptions or examples with the crucial aspects from this cyberattack tactics. 1: It searches across Office 365 applications and data and exports the results. Once inside Office 365, attackers are using this feature as an internal reconnaissance and data exfiltration tool to find critical data to steal that can be used with malicious intent. ____ 2: Lets users create custom integrations and automated workflows between Office 365 applications. It is enabled by default, and includes connectors to hundreds of third-party applications and services—also giving it appeal for both users and hackers. ____ 3: Attackers steal credentials or access them by convincing a legitimate user to approve a malicious app (via phishing email). This can allow attackers to maintain persistent and undetected access to Office 365 accounts ____

Options
A.OAuth
B.eDiscovery
C.Power Automate
View Explanation

View Explanation

Verified Answer
Please login to view
Step-by-Step Analysis
To tackle this matching task, I’ll examine each description and connect it to the most fitting Office 365 tactic. Option set context: The three items to match are eDiscovery, Power Automate, and OAuth. The available choices present the three terms in a different order: OAuth, eDiscovery, Power Automate. Description 1: It searches across Office 365 applications and data and exports the results. Once inside Office 365, attackers are using this feature as an internal reconnaissance and data exfiltration tool to find critical data to steal that can be used with malicious intent. - This description aligns with eDiscovery, which i......Login to view full explanation

Log in for full answers

We've collected over 50,000 authentic exam questions and detailed explanations from around the globe. Log in now and get instant access to the answers!

Similar Questions

An MIS professional is tasked with evaluating the security risks of a new cloud-based software system. They need to find comprehensive information on industry best practices for cloud security, relevant regulatory compliance standards, and potential vulnerabilities specific to the chosen software. Which combination of resources would be most effective for this research?

An Amazon EC2 security group cannot filter based on which of the following? [1 Mark]

What involves applications such as anti-virus software delivered over the Internet with constant virus definitions updates that are not reliant on user compliance?

Which service enables you to review the security of your Amazon S3 buckets by checking for open access permissions?

More Practical Tools for Students Powered by AI Study Helper

Join us and instantly unlock extensive past papers & exclusive solutions to get a head start on your studies!