Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 39

Which two characteristics of messenger protocols make data exfiltration difficult to detect and prevent? (Choose two.)

Answer options

• A. Messenger applications cannot be segmented with standard network controls
• B. Malware infects the messenger application on the user endpoint to send company data
• C. Traffic is encrypted, which prevents visibility on firewalls and IPS systems
• D. An exposed API for the messaging platform is used to send large amounts of data
• E. Outgoing traffic is allowed so users can communicate with outside organizations

Correct answer: C, E

Explanation

Option C is correct because encryption hides the data from firewalls and intrusion prevention systems, making it hard to detect. Option E is also correct as allowing outbound traffic facilitates communication but also enables potential data exfiltration. The other options either describe scenarios that don't directly relate to the core issue of detection and prevention or focus on different aspects of security.