According to theCHFI v11 Anti-Forensics Techniquesdomain,steganographyis a sophisticated method used by attackers to conceal sensitive or malicious information withinseemingly normal filessuch as images, audio files, video files, or documents. Unlike encryption, which makes data unreadable but visibly suspicious, steganography hides theexistence of the data itself, making detection significantly more challenging during forensic analysis.
In steganography, data is embedded into unused or less noticeable parts of a file—such as theleast significant bits (LSB)of image pixels or audio samples—without noticeably altering the file’s appearance or functionality. As a result, standard antivirus tools, intrusion detection systems, and basic forensic scans may not flag these files as suspicious. CHFI v11 highlights steganography as a commonanti-forensic tacticused for covert data exfiltration, command-and-control communication, and storage of illegal or confidential information.
The other options are less effective in this scenario.File extension mismatchcan often be detected through file signature analysis.Hiding data in file system structuresleaves traces in metadata or unallocated space.Trial obfuscationis not a formally recognized anti-forensics technique in CHFI v11.
CHFI v11 emphasizes that detecting steganography often requiresspecialized steganalysis tools, statistical analysis, and anomaly detection techniques beyond conventional scanning.
Therefore, the technique used to hide sensitive information within normal-looking files—fully aligned with CHFI v11—isSteganography, makingOption Dthe correct answer.
