Wireshark Traffic Analysis Practice Exam

Recognizing indicators of data exfiltration in domain names is what this item is about. A domain that literally includes the term dataexfiltration communicates the intent of moving data out of a network, which is a clear red flag in traffic analysis. Among the options, the unambiguous phrase dataexfiltration stands out as suspicious because it directly names the exfiltration activity. The other domains either look benign (example.org), are plausible but don’t indicate exfiltration in the label (not-detected.io), or rely on obfuscation that hides the intent (dataexfil[.]com), making them less definitive as flags in this exercise.