CompTIA Security+ (SY0-501) — Question 122

A website administrator has received an alert from an application designed to check the integrity of the company's website. The alert indicated that the hash value for a particular MPEG file has changed. Upon further investigation, the media appears to be the same as it was before the alert.
Which of the following methods has MOST likely been used?

Answer options

• A. Cryptography
• B. Time of check/time of use
• C. Man in the middle
• D. Covert timing
• E. Steganography

Correct answer: E

Explanation

The correct answer is E, as steganography involves hiding information within other files, which can change the hash value without altering the visible content. The other options do not specifically relate to the situation where the content appears unchanged but the hash is different, making them less applicable in this context.