nerdexam
EC-Council

312-50V13 · Question #150

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to you

The correct answer is C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out. To exfiltrate data without raising suspicion when traffic is filtered and monitored, concealing the data within another seemingly innocuous file type is an effective steganographic technique.

Submitted by kevin_r· Mar 6, 2026Evading IDS, Firewalls, and Honeypots

Question

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

Options

  • AEncrypt the Sales.xls using PGP and e-mail it to your personal gmail account
  • BPackage the Sales.xls using Trojan wrappers and telnet them back your home computer
  • CYou can conceal the Sales.xls database in another file like photo.jpg or other files and send it out
  • DChange the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail

How the community answered

(19 responses)
  • A
    5% (1)
  • B
    5% (1)
  • C
    74% (14)
  • D
    16% (3)

Why each option

To exfiltrate data without raising suspicion when traffic is filtered and monitored, concealing the data within another seemingly innocuous file type is an effective steganographic technique.

AEncrypt the Sales.xls using PGP and e-mail it to your personal gmail account

Encrypting the file and emailing it may still raise suspicion as email attachments are often scanned, and the presence of encrypted content can be flagged by security systems for further inspection, especially if it's unusual for the user.

BPackage the Sales.xls using Trojan wrappers and telnet them back your home computer

Using Trojan wrappers and telnetting the data back is highly suspicious; telnet is an unencrypted protocol often blocked, and Trojan activity is typically detected by antivirus and intrusion detection systems.

CYou can conceal the Sales.xls database in another file like photo.jpg or other files and send it outCorrect

Concealing the Sales.xls database within another file like a photo (steganography) makes it difficult for traditional traffic monitoring and filtering systems to detect the malicious data. The altered file retains the appearance and metadata of the cover file, allowing it to bypass detection mechanisms that look for specific file types or content signatures.

DChange the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail

Changing the file extension from .xls to .txt does not alter the actual file content or metadata, making it easily detectable by deep packet inspection or content-aware filters as an Excel file being masqueraded.

Concept tested: Data exfiltration techniques (Steganography)

Source: https://learn.microsoft.com/en-us/security/compass/steganography

Topics

#data exfiltration#steganography#covert channels#network monitoring bypass

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice