Using ICMP packets to carry out command and control tasks on a compromised host is a common technique used in malware attacks. Malware can embed commands within the payload of ICMP packets, which are then sent to a command and control server controlled by the attacker. The server can then send responses back to the compromised host using ICMP packets, allowing the attacker to execute commands remotely without being detected.
C:To make it more difficult for security personnel to detect the malicious traffic, attackers can encrypt the payload of the ICMP packets using various encryption algorithms. This makes it harder for network security devices to detect and identify the malicious traffic as it passes through the network.
ANSWER IS C:Here are some reference links related to the use of ICMP in malware attacks:
"Using ICMP for Command and Control" - SANS Institute: https://www.sans.org/reading-room/whitepapers/detection/icmp-command-control-34325
"Malware Using ICMP Tunneling" - Palo Alto Networks: https://unit42.paloaltonetworks.com/malware-using-icmp-tunneling/
"Using ICMP to Build Covert Channels in Malware" - Trend Micro: https://www.trendmicro.com/en_us/research/11/d/using-icmp-to-build-covert-channels-in-malware.html
C is correct
https://socfortress.medium.com/data-exfiltration-using-icmp-and-how-to-detect-it-69a799cca234
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
sull3y
6 months, 2 weeks agosull3y
6 months, 2 weeks agoluisseijuro
8 months, 4 weeks ago