Which of the following is a high-level method attackers use to exfiltrate data?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Study for the Cybercrime Test. Use flashcards and multiple choice questions, each with hints and explanations, to prepare for your exam! Master cybercrime prevention and stay ahead of threats.

Multiple Choice

Which of the following is a high-level method attackers use to exfiltrate data?

Explanation:
Data exfiltration often relies on covert channels that blend with normal network activity. DNS tunneling is a classic example of this approach. Attackers encode sensitive data into DNS queries and send them to a domain they control. Because DNS traffic is widespread and frequently allowed through firewalls and proxies, it can slip past perimeter defenses that are focused on more obvious protocols. The attacker’s server collects these encoded queries and can return data in DNS responses, allowing information to be moved out of the network without triggering typical alerts. This method is powerful because it uses a trusted, ubiquitous service and can quietly transmit data over many small queries, gradually exfiltrating substantial information. Other options don’t target data leaving the network in the same high-level, stealthy way. Password reuse is about compromising credentials, not exfiltrating data. Spam email can be used to leak information, but it’s generally easier to detect and less reliable for continuous, automated exfiltration. Public Wi‑Fi usage describes a location or condition, not a technique for exfiltration itself, though attackers might leverage any network under certain schemes.

Data exfiltration often relies on covert channels that blend with normal network activity. DNS tunneling is a classic example of this approach. Attackers encode sensitive data into DNS queries and send them to a domain they control. Because DNS traffic is widespread and frequently allowed through firewalls and proxies, it can slip past perimeter defenses that are focused on more obvious protocols. The attacker’s server collects these encoded queries and can return data in DNS responses, allowing information to be moved out of the network without triggering typical alerts. This method is powerful because it uses a trusted, ubiquitous service and can quietly transmit data over many small queries, gradually exfiltrating substantial information.

Other options don’t target data leaving the network in the same high-level, stealthy way. Password reuse is about compromising credentials, not exfiltrating data. Spam email can be used to leak information, but it’s generally easier to detect and less reliable for continuous, automated exfiltration. Public Wi‑Fi usage describes a location or condition, not a technique for exfiltration itself, though attackers might leverage any network under certain schemes.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy