nerdexam
Exams312-50V11Questions#92
EC-Council

312-50V11 · Question #92

312-50V11 Question #92: Real Exam Question with Answer & Explanation

The correct answer is C: You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an. This question tests knowledge of steganography, the technique of hiding data inside ordinary-looking files to evade content-inspection controls.

Evading IDS, Firewalls, and Honeypots

Question

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

Options

  • AEncrypt the Sales.xls using PGP and e-mail it to your personal gmail account
  • BPackage the Sales.xls using Trojan wrappers and telnet them back your home computer
  • CYou can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an
  • DChange the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

Explanation

This question tests knowledge of steganography, the technique of hiding data inside ordinary-looking files to evade content-inspection controls.

Common mistakes.

  • A. PGP-encrypting a file before emailing it to a personal account would likely trigger DLP policies configured to alert on encrypted attachments sent to external consumer email services.
  • B. Telnet transmits data in plaintext and is actively monitored; Trojan-wrapped files are detectable by antivirus and IDS tools, making this approach both visible and highly suspicious.
  • D. Renaming a file extension does not alter its binary structure or magic bytes, so content-inspection tools that read file headers rather than extensions will still identify and flag the XLS format.

Concept tested. Steganography for covert data exfiltration

Reference. https://csrc.nist.gov/glossary/term/steganography

Topics

#steganography#data exfiltration#covert channels#traffic monitoring evasion

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 312-50V11 Practice