What suspicious domain was identified in the exercise?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions, each question includes hints and explanations. Ace your exam!

Multiple Choice

What suspicious domain was identified in the exercise?

Explanation:
The key signal is a domain that directly hints at exfiltration and uses an obfuscated dot. dataexfil[.]com combines the idea of data exfiltration with a bracketed dot, a common tactic to dodge simple filters and make the domain look suspicious in logs or training data. This combination makes it the clear indicator of a potentially malicious exfiltration domain in the exercise. The other domains are either generic placeholders or conventional-looking domains that don’t carry the same explicit exfiltration cue.

The key signal is a domain that directly hints at exfiltration and uses an obfuscated dot. dataexfil[.]com combines the idea of data exfiltration with a bracketed dot, a common tactic to dodge simple filters and make the domain look suspicious in logs or training data. This combination makes it the clear indicator of a potentially malicious exfiltration domain in the exercise. The other domains are either generic placeholders or conventional-looking domains that don’t carry the same explicit exfiltration cue.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy