Data Loss Prevention (DLP) tools monitor sensitive data and prevent unauthorized exfiltration. The two best options to bypass DLP are:
Compress and encrypt the data (Option B):
Compression reduces file size, making detection harder. Encryption further protects the data by making it unreadable without a key.
DLP tools often inspect content based on known patterns (e.g., credit card numbers, sensitive keywords). Encrypted files bypass content inspection since DLP cannot analyze encrypted data.
[Reference: CompTIA PenTest+ PT0-003 Official Study Guide - "Data Exfiltration Techniques", Encode the data as Base64 (Option E):, Base64 encoding disguises data by converting it into ASCII text, making it less likely to trigger DLP signature-based detection., Many DLP systems do not analyze encoded text deeply, assuming it is non-sensitive., Reference: CompTIA PenTest+ PT0-003 Official Study Guide - "Encoding and Obfuscation in Exfiltration", Incorrect options:, Option A (USB flash drive): Physical exfiltration is risky and easily detectable in enterprise environments., Option C (Rename file extensions): DLP systems analyze content, not just filenames., Option D (FTP for exfiltration): FTP is monitored by security tools and is a high-risk method., Option F (Trusted service): Many organizations monitor outbound traffic to cloud storage or email services., ]
Submit