Lab
Persistent Access and Detection Lag
Attackers who stay hidden inside a system longer than defenders can detect them gain the ability to choose when damage happens—security isn't about perfect walls, it's about shrinking the gap between intrusion and discovery.
Then check the pattern
What makes a hidden entry point more dangerous than a visible break-in?
Hidden entry points use more sophisticated technology The attacker can choose when to act after getting inside Visible break-ins alert too many people at once Hidden entry points are harder to close once discovered
Answer: The attacker can choose when to act after getting inside. An attacker who stays undetected inside a system can map it, plant tools, and strike at the most damaging moment. The danger isn't the entry method—it's the time advantage. Option A confuses sophistication with outcome; entry method matters less than what the attacker does after.
Why does persistent access give an attacker more control than a single fast strike?
Fast strikes leave too much evidence behind Staying inside lets the attacker learn which targets matter most Persistent access requires less technical skill to maintain Single strikes can only damage one system at a time
Answer: Staying inside lets the attacker learn which targets matter most. Time inside a system lets the attacker understand how pieces connect, which nodes are critical, and when disruption would hurt most. A fast strike hits one target; persistent access maps the whole structure. Option D misses the point—it's not about hitting multiple systems, it's about choosing the right one.
What determines whether a defender can stop an attack before damage happens?
How quickly the defender detects the intrusion relative to how long the attacker has been inside Whether the defender has patched all known vulnerabilities The size of the defending organization's security budget Whether the attacker uses known methods or new exploits
Answer: How quickly the defender detects the intrusion relative to how long the attacker has been inside. Security is a race between intrusion and detection. If the defender spots the attacker within hours but the attacker needs days to map the system, defense wins. If the attacker has been inside for months before detection, they've already won. Patching vulnerabilities (Option B) prevents some entry, but doesn't shrink detection lag once someone is inside.
Why does a system with many entry points become harder to defend over time?
Each entry point requires separate monitoring, and attention spreads thin More entry points mean more attacker tools are needed Older systems accumulate more vulnerabilities naturally Complex systems cost more to secure per entry point
Answer: Each entry point requires separate monitoring, and attention spreads thin. Defenders must watch every door; attackers only need one that isn't being watched closely enough. As entry points multiply, the defender's attention thins—each point gets less scrutiny, detection lags grow, and the attacker's advantage compounds. Option C confuses age with complexity; a new complex system faces the same spreading problem.
← Back to library