In the exercise, which domain was flagged as suspicious?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Ace your exam!

Multiple Choice

In the exercise, which domain was flagged as suspicious?

Explanation:
This item is about recognizing indicators of data exfiltration in domain names. A domain that literally includes the term dataexfiltration communicates the intent of moving data out of a network, which is a clear red flag in traffic analysis. Among the options, the unambiguous phrase dataexfiltration stands out as suspicious because it directly names the exfiltration activity. The other domains either look benign (example.org), are plausible but don’t indicate exfiltration in the label (not-detected.io), or rely on obfuscation that hides the intent (dataexfil[.]com), which makes them less definitive as flags in this exercise.

