GIAC GSNA Exam - Topic 6 Question 83 Discussion

According to the scenario, John is performing the Steganography technique for sending malicious data. Steganography is an art and science of

hiding information by embedding harmful messages within other seemingly harmless messages. It works by replacing bits of unused data,

such as graphics, sound, text, and HTML, with bits of invisible information in regular computer files. This hidden information can be in the form

of plain text, cipher text, or even in the form of images.

Answer A is incorrect. Web ripping is a technique in which the attacker copies the whole structure of a Web site to the local disk and

obtains all files of the Web site. Web ripping helps an attacker to trace the loopholes of the Web site.

Answer D is incorrect. Social engineering is the art of convincing people and making them disclose useful information such as account

names and passwords. This information is further exploited by hackers to gain access to a user's computer or network. This method involves

mental ability of the people to trick someone rather than their technical skills. A user should always distrust people who ask him for his

account name or password, computer name, IP address, employee ID, or other information that can be misused.

Answer C is incorrect. John is not performing email spoofing. In email spoofing, an attacker sends emails after writing another person's

mailing address in the from field of the email id.