Which method should the pentester use to covertly move data from target machines without detection?

Prepare for the Penetration Testing and Vulnerability Analysis Test with a range of challenging questions. Study with multiple choice format, hints, and detailed explanations to ace your next exam!

Multiple Choice

Which method should the pentester use to covertly move data from target machines without detection?

Explanation:
Covert data exfiltration aims to move data from target machines without triggering security controls by blending with ordinary traffic. Hiding data inside an image file using steganography is the strongest choice here because the payload is concealed within a file that looks completely normal in everyday usage. Images are routinely shared and stored, so a steganographically embedded payload can slip through typical file-transfer or messaging workflows with a lower risk of raising alarms. Only someone who knows how to extract the hidden data can recover the payload, which makes detection more challenging for automated monitoring that inspects plain-text content or looks for unusual traffic patterns.

The other options are more prone to detection. Sending data as plain text via email can trigger content checks, spam filters, and data-loss prevention rules. DNS tunneling uses the DNS channel to carry data, and network security tools frequently monitor that channel for unusual DNS queries and abnormal query patterns. Copying data to a USB drive requires physical access and leaves tangible evidence, making it easy to discover during asset discovery, audits, or endpoint controls.