CompTIA
SY0-301 · Question #239
SY0-301 Question #239: Real Exam Question with Answer & Explanation
The correct answer is B: Steganography. Steganography is the technique of hiding secret data within ordinary-looking files such as images; mismatched file hashes indicate the images were modified to embed hidden information.
Question
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several pictures of the employee's pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
Options
- ASocial engineering
- BSteganography
- CHashing
- DDigital signatures
Explanation
Steganography is the technique of hiding secret data within ordinary-looking files such as images; mismatched file hashes indicate the images were modified to embed hidden information.
Common mistakes.
- A. Social engineering involves manipulating people psychologically to divulge information or grant access, not technically embedding data inside files.
- C. Hashing is the forensic tool used to detect the file modification and verify integrity - it is not the method used to leak the data.
- D. Digital signatures use asymmetric cryptography to verify the authenticity and integrity of data and are not a method for concealing or transmitting secret information.
Concept tested. Steganography for covert data exfiltration detection
Reference. https://csrc.nist.gov/glossary/term/steganography
Community Discussion
No community discussion yet for this question.