Data Exfiltration — CompTIA Network+ (N10-009) Practice Questions
Data exfiltration refers to the unauthorized transfer of data from a network to an external destination, typically by an attacker who has already gained access to internal systems. On the Network+ exam, candidates must recognize the signs of exfiltration, such as unusual outbound traffic volumes, connections to unexpected external hosts, or traffic on atypical ports. Understanding common techniques, such as tunneling data through allowed protocols like DNS or HTTP, is essential for identifying and mitigating this threat. Network+ expects you to know which monitoring tools and controls, including firewalls, DLP solutions, and traffic analysis, can detect or prevent exfiltration attempts.
Free questions on data exfiltration
A network experiences unusual DNS queries to multiple unknown domains with random subdomains. What type of attack is occurring?
Free question · medium · full answer + explanation