What does this STIX indicate?

350-201 0 Comments

Refer to the exhibit.

An engineer is analyzing this Vlan0386-int12-117.pcap file in Wireshark after detecting a suspicious network activity. The origin header for the direct IP connections in the packets was initiated by a google chrome extension on a WebSocket protocol. The engineer checked message payloads to determine what information was being sent off-site but the payloads are obfuscated and unreadable.

What does this STIX indicate?
A . The extension is not performing as intended because of restrictions since ports 80 and 443 should be accessible
B . The traffic is legitimate as the google chrome extension is reaching out to check for updates and fetches this information
C . There is a possible data leak because payloads should be encoded as UTF-8 text
D . There is a malware that is communicating via encrypted channels to the command and control server

Answer: C

Latest 350-201 Dumps Valid Version with 139 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download 350-201 PDF     350-201 Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments