An organization seeks a way to move sensitive material while blending it into normal name-resolution activity. Which approach is the BEST option for blending data streams with regular lookups?
Scheduling a job that pushes updates to a remote host
Embedding data inside queries for an external domain
Toggling network rules on endpoints to transmit content in plaintext
Altering a local service to forward logs outside the environment
Embedding data within queries for an external domain leverages name requests as a hidden channel. This masks sensitive material by splitting it across small requests that appear like typical lookups. Scheduled jobs alone do not blend the content into name requests, toggling firewall rules does not inherently hide movement within name-resolution traffic, and altering a local service does not incorporate hidden extraction via domain queries.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to embed data inside queries for an external domain?
Open an interactive chat with Bash
How does embedding data in DNS queries blend with regular network activity?
Open an interactive chat with Bash
Why are other methods less effective than embedding data in DNS queries for obfuscation?