Data Exfiltration Detection

To access material, start machines and answer questions login.

Data exfiltration is the unauthorized transfer of sensitive data from a computer or other device. It's a primary objective for attackers who have breached a network. As a analyst, our job is to detect and stop this before sensitive information walks out the door. This room will cover the common techniques attackers use to steal data and, more importantly, how we can catch them in the act.

Learning Objectives

In this room, we will cover the following learning objectives:

Understand the common methods used for data exfiltration.
Learn how to detect exfiltration attempts using network traffic analysis.
Identify signs of exfiltration on endpoint devices.
Correlate logs in a to uncover hidden exfiltration channels.

Prerequsites

This room expects the users to have covered or explored the following rooms:

Let's begin our learning journey.

Answer the questions below

Continue to the next task.

Ready to learn Cyber Security?

The Data Exfiltration Detection room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.

Already have an account? Log in

Data Exfiltration Detection

Task 1Introduction

Learning Objectives

Prerequsites

Task 2Lab ConnectionPremium

Task 3Data Exfil: Overview, techniques, and IndicatorsPremium

Task 4Detection: Data Exfil through DNS TunnelingPremium

Task 5Detection: Data Exfil through FTPPremium

Task 6Detection: Data Exfil via HTTPPremium

Task 7Detection: Data Exfiltration via ICMPPremium

Task 8ConclusionPremium

Ready to learn Cyber Security?