Botnet — CompTIA Security+ (SY0-701) Practice Questions
A botnet is a network of compromised computers, known as bots or zombies, that are remotely controlled by a threat actor to carry out coordinated malicious activities such as distributed denial-of-service attacks, spam campaigns, or credential stuffing. On the SY0-701 exam, candidates must understand how devices become infected through malware, how the botnet is managed via command-and-control (C2) infrastructure, and what indicators of compromise might reveal bot activity on a network. Botnets are significant because they allow attackers to scale attacks massively while spreading the source traffic across many hosts to evade detection. Mitigation involves endpoint protection, network monitoring, and blocking known command-and-control domains.
Free questions on botnet
An organization experiences a sudden spike in outbound network traffic from several workstations to unknown IPs. Which attack is MOST likely occurring?