nerdexam
EC-Council

312-50V13 · Question #277

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary I

The correct answer is C. Unspecified proxy activities. Explanation Option C is correct because configuring multiple domains that point to the same host to rapidly rotate between them and evade detection is a classic example of unspecified proxy activities - the adversary is using multiple domain aliases as a layer of obfuscation to m

Submitted by rachelw· Mar 6, 2026Evading IDS, Firewalls, and Honeypots

Question

Clark is a professional hacker. He created and configured multiple domains pointing to the same host to switch quickly between the domains and avoid detection. Identify the behavior of the adversary In the above scenario.

Options

  • Ause of command-line interface
  • BData staging
  • CUnspecified proxy activities
  • DUse of DNS tunneling

How the community answered

(37 responses)
  • A
    11% (4)
  • B
    3% (1)
  • C
    81% (30)
  • D
    5% (2)

Explanation

Explanation

Option C is correct because configuring multiple domains that point to the same host to rapidly rotate between them and evade detection is a classic example of unspecified proxy activities - the adversary is using multiple domain aliases as a layer of obfuscation to mask their true infrastructure and avoid being blocked or identified by defenders.

Option A (Command-line interface) is incorrect because the scenario describes a domain configuration strategy, not the use of terminal/CLI tools to execute commands on a target system. Option D (DNS tunneling) is wrong because DNS tunneling specifically involves encoding data within DNS queries/responses to exfiltrate information or create covert channels - not simply rotating domains for evasion. Option B (Data staging) is irrelevant here, as it refers to aggregating and preparing stolen data in a temporary location before exfiltration.

Memory Tip: Think of "proxy activities" as anything that hides the real destination - multiple domains pointing to the same host act like a rotating disguise, which fits the broader category of proxy-based evasion. If the attacker is hiding infrastructure identity, think proxy activities.

Topics

#Evasion Techniques#Network Obfuscation#Proxy Activities#Fast Flux

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice