nerdexam
EC-Council

312-50V11 · Question #745

Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious java scripts. After opening one of them, he noticed that it is very hard to understan

The correct answer is C. Obfuscation. Obfuscation is the deliberate transformation of code into a functionally equivalent but intentionally unreadable form, commonly used by attackers to slow down analysis and evade detection.

Evading IDS, Firewalls, and Honeypots

Question

Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious java scripts. After opening one of them, he noticed that it is very hard to understand the code and that all codes differ from the typical java script. What is the name of this technique to hide the code and extend analysis time?

Options

  • ASteganography
  • BCode encoding
  • CObfuscation
  • DEncryption

How the community answered

(34 responses)
  • A
    6% (2)
  • C
    91% (31)
  • D
    3% (1)

Why each option

Obfuscation is the deliberate transformation of code into a functionally equivalent but intentionally unreadable form, commonly used by attackers to slow down analysis and evade detection.

ASteganography

Steganography conceals secret data inside carrier files such as images or audio, and does not alter the structure or appearance of executable code.

BCode encoding

Code encoding converts code to an alternate format for transport or storage and is not specifically intended to hinder human analysis.

CObfuscationCorrect

Obfuscation rewrites source code by renaming variables to meaningless identifiers, removing whitespace, encoding strings, and inserting junk logic while preserving the original behavior. This technique is specifically designed to extend the time required for manual or automated analysis and is frequently applied to malicious JavaScript delivered via compromised websites. Unlike encryption, obfuscated code still executes directly in the browser without requiring a decryption key.

DEncryption

Encryption renders data entirely unreadable without the correct key, whereas obfuscated code remains directly executable by the runtime environment.

Concept tested: JavaScript obfuscation for malware evasion

Source: https://owasp.org/www-community/controls/Obfuscation

Topics

#obfuscation#JavaScript#malicious code#evasion

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice