Palo Alto Networks (PANW) Certified Cybersecurity Entry-level Technician (PCCET) Practice Exam

Which stage of an attack is typically east-west traffic?

• A. Reconnaissance
• B. Weaponization
• C. Lateral spread
• D. Actions on the objective

The correct answer is: Lateral spread

In a cybersecurity context, east-west traffic refers to the movement of data within a network, particularly between devices on the same local area network (LAN) as opposed to traffic that originates from outside the network and travels into it. The stage of an attack known as lateral spread is characterized by attackers moving through the network after they have gained an initial foothold, attempting to access other devices, resources, or sensitive data. During the lateral spread stage, attackers often exploit vulnerabilities or utilize compromised credentials to navigate across the network from one system to another, which constitutes east-west traffic. This movement is aimed at broadening their access and control over the network, allowing them to compromise additional systems, extract valuable information, or establish persistence by creating backdoors. The other stages identified in the question serve different purposes: - Reconnaissance involves gathering information about the target before an attack occurs and typically generates north-south traffic (inbound or outbound). - Weaponization is about creating a malicious payload or exploit that will be used in the attack, and while it may involve some internal communication for preparation, it doesn’t focus on movement within the network like lateral spread does. - Actions on the objective refers to the final efforts made by the attacker after achieving their goal