CompTIA Security Plus Mock Test Q429

A security audit identifies a number of large email messages being sent by a specific user from their company email account to another address external to the company. These messages were sent prior to a company data breach, which prompted the security audit. The user was one of a few people who had access to the leaked data. Review of the suspect’s emails show they consist mostly of pictures of the user at various locations during a recent vacation. No suspicious activities from other users who have access to the data were discovered. Which of the following is occurring?

A. The user is encrypting the data in the outgoing messages.
B. The user is using steganography.
C. The user is spamming to obfuscate the activity.
D. The user is using hashing to embed data in the emails.

Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Steganography is the process of hiding one message in another. Steganography may also be referred to as electronic watermarking. It is also the process of hiding a message in a medium such as a digital image, audio fi le, or other fi le. In theory, doing this prevents analysts from detecting the real message. You could encode your message in another file or message and use that file to hide your message.

Incorrect Answers:
A: Encrypting data means securing the data.
C: Spamming is any unwanted email.
D: Hashing refers to the hash algorithms used in cryptography.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 248, 255, 261