A penetration tester is conducting an assessment and has gained initial access to a target system. To maintain access without alerting the network-based intrusion detection system (IDS), they decide to exfiltrate sensitive data. Which of the following techniques would effectively obfuscate the data being exfiltrated and is less likely to trigger an IDS alert?
Encoding the data with Base64 before transmission
Using steganography to embed the data within an image file
Encrypting the data using a symmetric encryption algorithm before transmission
Compressing the data into a ZIP file with password protection before transmission
Steganography is the practice of hiding a file, message, image, or video within another file, message, image, or video. The correct answer is steganography because it hides data within other, non-suspicious data, making it difficult for an intrusion detection system to identify the hidden data or the act of exfiltration. Other methods, such as encoding or encrypting data, can still produce network traffic that an IDS might recognize, especially if the traffic uses atypical ports or protocols or if substantial volumes of data are being transmitted.