Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.


Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement


All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

Egress Monitoring Transcription

Welcome to our egress monitoring module. Egress monitoring is controlling the traffic that leaves your network. You can filter the traffic leaving your network using an access control list, or ACL. You can set up the system so that all traffic except the traffic from a pre-identified setup servers is denied egress or prevented from leaving your network by a firewall or proxy.

You can have automated filtering for certain protocols and only allow certain protocols to leave the network, such as HTTP or HTTPS for web browsing. SMTP for sending email messages, and SIP for voice over IP calls. This will allow you to have very tight control, monitoring, and the auditing of your network traffic.

It will also allow you to attribute traffic to a specific user in order to provide nonrepudiation and integrity. It will allow you to use physical and logical access control mechanisms, and can help to remove vectors for some distributed denial of service attacks. You can filter your outgoing traffic by HashChecking.

This system would compute and store a hash value or a unique digital fingerprint for each binary file that you are monitoring. Hash checking is typically used to verify that a file has not been modified by comparing a known historic hash value with a newly generated hash value. Hash checking can be preformed by several different different commercial host based intrusion prevention systems.

Proxy firewalls, as well as DLP or data leakage prevention appliances. The current scan would be compared to values in your database and if there is a match then the system can block that traffic from being sent. And the administrators would be notified. Basically, your system administrators would come up with a list of all the files that are not permitted to leave your network.

And those hash values would be used to check all of the files that your employees are sending out of the network. And when there is a match the system knows that someone is trying to send a file that should not be leaving your network. Hash values are also used to look for malicious files and viruses by anti-virus software.

And SHA1 or the secure hash algorithm one is probably one of the most common protocols used for hashing. You should be aware of steganography which allows users to hide messages in media. This is known as a covert communication channel. The user is able to hide the existence of data within another file.

This could have a legitimate purpose, such as a digital watermark to detect illegal copies of digital images, but generally is used for malicious purposes. With steganography, there is no algorithm or no key, generally. The data is just hidden in a place where people would not usually look for it.

An example at the bottom here we have what appears to be a normal picture. And if this picture went through your email system you would probably not suspect anything suspicious about this picture. However, using the appropriate software or looking at the picture in a hex editor. You would find a hidden message inside the picture that says the money is hidden under the dock by the beach.

This can be very concerning for system administrators, because individuals can take sensitive data off of your network without you realizing that it is occurring. Data leak or Data Loss Prevention systems or DLP uses set of procedures and mechanisms to automatically stop your sensitive data Data from leaving your security boundary.

These systems will help you to provide network egrass monitoring. In order for these systems to work properly, it is important that all your sensitive data is properly labeled. You can use digital signatures and encryption to protect your most important documents. In order for your DLP system to function properly you would locate and catalog all of your sensitive information on your system.

The DLP system would then monitor and control the movement of your sensitive information across your network. And would also control the movement of sensitive information on the end user systems, such as preventing a user from storing it to a USB flash drive that they could then walk out of the organization with.

The DLP agents will report back to the administrator console to notify them that an individual is trying to take a specific document off of the system. That has been marked as sensitive. DLP technology works very well, but you must consider loop holes. You can have a very expensive system in place to prevent individuals from emailing sensitive data.

But what if they just print the data out on a piece of paper and walk out of the organization with it? They might also be able to fax the document to an adversary which would not go through your DALP system. Or perhaps they could print the documents to PDF, and then send that PDF document through your system because your system would not be very familiar with the hash value.

The PDF version of that sensitive data. You should also consider individuals bringing camera phones into your organization and simply taking pictures of the screen when there is sensitive data on the screen. This is why many organizations, especially government agencies, prohibit users from bringing camera phones into sensitive areas.

This concludes our egress monitoring module. Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!