An organization seeks a way to move sensitive material while blending it into normal name-resolution activity. Which approach is the BEST option for blending data streams with regular lookups?
Altering a local service to forward logs outside the environment
Embedding data inside queries for an external domain
Scheduling a job that pushes updates to a remote host
Toggling network rules on endpoints to transmit content in plaintext
Embedding data within queries for an external domain leverages name requests as a hidden channel. This masks sensitive material by splitting it across small requests that appear like typical lookups. Scheduled jobs alone do not blend the content into name requests, toggling firewall rules does not inherently hide movement within name-resolution traffic, and altering a local service does not incorporate hidden extraction via domain queries.