اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

A security analyst responds to a series of events surrounding sporadic bandwidth consumption from an endpoint device. The security analyst then identifies the following additional details: - Bursts of network utilization occur approximately every seven days. - The content being transferred appears to be encrypted or obfuscated. - A separate but persistent outbound TCP connection from the host to infrastructure in a third-party cloud is in place. - The HDD utilization on the device grows by 10GB to 12GB over the course of every seven days. - Single file sizes are 10GB. Which of the following describes the most likely cause of the issue?