Certified Ethical Hacker (CEH) — Question 12

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet. How will you achieve this without raising suspicion?

Answer options

• A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account
• B. Package the Sales.xls using Trojan wrappers and telnet them back your home computer [1] Steganography techniques
• D. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

Correct answer: C

Explanation

The correct answer is C because changing the extension of the file may evade some basic security measures, allowing the file to be sent without detection. Options A and B involve encryption and malicious tactics that could easily trigger security alerts. Option D is incorrect as it is a repetition of option C, but it is not the correct approach to avoid suspicion.