CompTIA PenTest+ (PT0-003) — Question 41

A penetration tester has discovered sensitive files on a system. Assuming exfiltration of the files is part of the scope of the test, which of the following is most likely to evade DLP systems?

Answer options

• A. Encoding the data and pushing through DNS to the tester's controlled server
• B. Padding the data and uploading the files through an external cloud storage service
• C. Obfuscating the data and pushing through FTP to the tester's controlled server
• D. Hashing the data and emailing the files to the tester's company inbox

Correct answer: A

Explanation

Encoding data and using DNS for transfer is effective in evading DLP systems because DNS traffic is often not monitored for sensitive data. The other options, while potentially useful, involve methods like uploading to cloud storage or emailing that may trigger DLP alerts due to their common monitoring practices.