PT0-003 · Question #190
PT0-003 Question #190: Real Exam Question with Answer & Explanation
The correct answer is B: Compress and encrypt the data.. Data Loss Prevention (DLP) tools monitor sensitive data and prevent unauthorized exfiltration. The two best options to bypass DLP are: Compression reduces file size, making detection harder. Encryption further protects the data by making it unreadable without a key. DLP tools oft
Question
During a testing engagement, a penetration tester compromises a host and locates data for exfiltration. Which of the following are the best options to move the data without triggering a data loss prevention tool? (Select two).
Options
- AMove the data using a USB flash drive.
- BCompress and encrypt the data.
- CRename the file name extensions.
- DUse FTP for exfiltration.
- EEncode the data as Base64.
- FSend the data to a commonly trusted service.
Explanation
Data Loss Prevention (DLP) tools monitor sensitive data and prevent unauthorized exfiltration. The two best options to bypass DLP are: Compression reduces file size, making detection harder. Encryption further protects the data by making it unreadable without a key. DLP tools often inspect content based on known patterns (e.g., credit card numbers, sensitive keywords). Encrypted files bypass content inspection since DLP cannot analyze encrypted data. Base64 encoding disguises data by converting it into ASCII text, making it less likely to trigger DLP signature-based detection. Many DLP systems do not analyze encoded text deeply, assuming it is non-sensitive.
Topics
Community Discussion
No community discussion yet for this question.