Palo Alto Networks Exam PCCET Topic 8 Question 36 Discussion

Attack communication traffic is usually hidden with various techniques and

tools, including:

Encryption with SSL, SSH (Secure Shell), or some other custom or proprietary encryption

Circumvention via proxies, remote access tools, or tunneling. In some instances, use of

cellular networks enables complete circumvention of the target network for attack C2 traffic.

Port evasion using network anonymizers or port hopping to traverse over any available open

ports

Fast Flux (or Dynamic DNS) to proxy through multiple infected endpoints or multiple,

ever-changing C2 servers to reroute traffic and make determination of the true destination

or attack source difficult

DNS tunneling is used for C2 communications and data infiltration