From the course: Cisco CCNP SCOR Security (350-701) Cert Prep: 3 Endpoint Protection and Secure Access

Unlock this course with a free trial

Join today to access over 23,200 courses taught by industry experts.



- [Instructor] Many experts believe that email data exfiltration is one of the most dangerous thread vectors. One of the main reasons for this concern is the large amount of devices that the average user employs to access their email. This includes laptops, phones, tablets and even watches. It's also a vector that can be used easily by either internal actors, or in other words employees with bad intentions, or external actors. As we discussed with HTTP and HTTPS data exfiltration, email is another very prevalent traffic item on our networks. It's estimated that world-wide we send and receive over 300 billion emails each day. So, this is an obvious way that we can hide data exfiltration within legitimate communication channels. With an inside threat, this is very simply where an employee with access to sensitive information would send that out to themselves using their own personal account as a recipient, or that would be sent to another recipient external to the business. We also have…
