ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam
Go to Exam

Exam SY0-701 topic 1 question 274 discussion

Actual exam question from CompTIA's SY0-701
Question #: 274
Topic #: 1
[All SY0-701 Questions]

A security analyst received a tip that sensitive proprietary information was leaked to the public. The analyst is reviewing the PCAP and notices traffic between an internal server and an external host that includes the following:

...
12:47:22.327233 PPPoE [ses 0x8122] IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto IPv6 (41), length 331) 10.5.1.1 > 52.165.16.154: IP6 (hlim E3, next-header TCP (6) paylcad length: 271) 2001:67c:2158:a019::ace.53104 > 2001:0:5ef5:79fd:380c:dddd:a601:24fa.13788: Flags [P.], cksum 0xd7ee (correct), seq 97:348, ack 102, win 16444, length 251
...

Which of the following was most likely used to exfiltrate the data?

  • A. Encapsulation
  • B. MAC address spoofing
  • C. Steganography
  • D. Broken encryption
  • E. Sniffing via on-path position
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by qacollin at Aug. 12, 2024, 5:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
9149f41
2 months, 4 weeks ago
Selected Answer: A
Encapsulation means hiding internal data, e.g. PW or bank balance, etc. pcap show (transmitted from IPv6 to IPv4 and it is bypass the filters.
upvoted 1 times
...
pokii1992
8 months, 1 week ago
A. Encapsulation The PCAP shows traffic using IPv6 encapsulated within IPv4 (proto IPv6 (41)), which could be used to hide sensitive data within seemingly normal network traffic. This encapsulation technique can potentially bypass certain security controls and filters, making it an effective method for data exfiltration.
upvoted 4 times
...
baronvon
8 months, 1 week ago
Selected Answer: A
A. Encapsulation The traffic described involves IPv6 encapsulated within IPv4, which can indicate that data is being transmitted through encapsulation to obscure the content or bypass filters. This technique could be used to exfiltrate sensitive data by embedding it within legitimate traffic patterns.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago