An attacker wants to exfiltrate sensitive material from a compromised environment using email. Which approach best describes a tactic that helps avoid detection by content inspection tools?
Transmit the material over a remote shell using a custom port that mimics normal traffic
Break the data into multiple segments, compress them, and attach them to legitimate-seeming messages
Place the files on a hosted drive platform and share the link in a short message
Send the sensitive documents through an encrypted chat platform used by employees
Dividing the stolen material into smaller files, compressing them, and attaching them to communications that appear normal is difficult for automated filters to flag. It aligns with the requirement to use standard message flows. Other options rely on remote shells, cloud links, or chat platforms, which do not match the email-focused tactic or may trigger alerts faster.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is compressing and segmenting data effective at avoiding detection?
Open an interactive chat with Bash
What is content inspection, and how does it work?
Open an interactive chat with Bash
How does this tactic differ from using cloud drives or encrypted chats?