GIAC
GCIH · Question #69
GCIH Question #69: Real Exam Question with Answer & Explanation
The correct answer is A: Linguistic steganography. Sam is hiding data inside text files using visual symbols and signs, which corresponds to two overlapping steganographic methods - linguistic steganography and its subtype, text semagrams.
Malware Analysis & Advanced Persistent Threats
Question
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using? Each correct answer represents a part of the solution. Choose all that apply.
Options
- ALinguistic steganography
- BPerceptual masking
- CTechnical steganography
- DText Semagrams
Explanation
Sam is hiding data inside text files using visual symbols and signs, which corresponds to two overlapping steganographic methods - linguistic steganography and its subtype, text semagrams.
Common mistakes.
- B. Perceptual masking is an audio steganography technique that hides data within sound frequencies below the threshold of human hearing, and is unrelated to text-file-based concealment.
- C. Technical steganography relies on physical or chemical means - such as invisible ink, microdots, or null ciphers on paper - not digital text files containing embedded symbols.
Concept tested. Types and classification of steganography techniques
Reference. https://www.sans.org/reading-room/whitepapers/stenganography/paper/552
Topics
#steganography#linguistic steganography#text semagrams#data exfiltration
Community Discussion
No community discussion yet for this question.