CompTIA CySA+ Practice Test

During the command and control phase of an attack, establishing a two-way communication channel is critical for attackers to maintain ongoing access and control over compromised systems. This method allows the attacker to send commands and receive feedback from the victim's system, facilitating further malicious activities, data exfiltration, or the deployment of additional malware. This communication can often be achieved through various protocols, such as HTTP, HTTPS, or even through specific malware connections that enable the attacker to interact with the compromised system in real-time. The other methods listed do not primarily serve the purpose of maintaining ongoing control. Empowering user privileges can potentially create vulnerabilities but does not directly facilitate control. Encrypting sensitive files is typically a method used to secure data rather than control a system, and taking complete system backups is a strategy for data recovery, which is not related to command and control in the context of an ongoing attack.