A security engineer has been hired to design a device that will enable the exfiltration of data from within a well-defended network perimeter during an authorized test. The device must bypass all firewalls and NIDS in place, as well as allow for the upload of commands from a centralized command and control answer. The total cost of the device must be kept to a minimum in case the device is discovered during an assessment. Which of the following tools should the engineer load onto the device being designed?
A. Custom firmware with rotating key generation
B. Automatic MITM proxy
C. TCP beacon broadcast software
D. Reverse shell endpoint listener
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
The correct answer is D.
The reason why it bypasses the FW and other security solutions is because it makes it appear is if the end user is establishing an outbound connection to an IP on the internet. Then, an attacker can run commands as mentioned in the question, “allow for the upload of commands from a centralized command and control answer.”
D – it’s authorized, but don’t spend money in case you get caught…. what a question.
D. Reverse shell endpoint listener
https://vceguide.com/which-of-the-following-tools-should-the-engineer-load-onto-the-device-being-designed/
D. Reverse shell endpoint listener
https://vceguide.com/which-of-the-following-tools-should-the-engineer-load-onto-the-device-being-designed/