EC-Council
312-50V10 · Question #92
312-50V10 Question #92: Real Exam Question with Answer & Explanation
The correct answer is C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an. Steganography - hiding a file inside an innocuous carrier like an image - is the most effective technique for bypassing content-inspection monitoring without triggering alerts.
Cryptography
Question
You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?
Options
- A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account
- B. Package the Sales.xls using Trojan wrappers and telnet them back your home computer
- C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an
- D. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account
Explanation
Steganography - hiding a file inside an innocuous carrier like an image - is the most effective technique for bypassing content-inspection monitoring without triggering alerts.
Common mistakes.
- A. PGP encryption produces an obviously encrypted attachment that DLP solutions and monitoring tools are specifically configured to flag and quarantine.
- B. Trojan wrappers generate anomalous executable behavior and telnet produces unencrypted cleartext sessions that IDS/IPS and monitoring systems would detect and block.
- D. Renaming a file extension does not alter its internal binary structure, so content-inspection tools examining magic bytes or file signatures would still identify it as a spreadsheet.
Concept tested. Data exfiltration via steganography to evade DLP
Reference. https://owasp.org/www-community/attacks/Steganography_Attack
Topics
#steganography #data exfiltration #covert channels #DLP evasion