A senior security engineer has been tasked with ensuring the confidentiality and integrity of the organization’s most valuable personally identifiable information (PII). This data is stored on local file and database servers within the organization’s data center. The following security measures have been implemented to ensure that unauthorized access is detected and logged.

• Network segmentation and enhanced access logging of the database and file servers
• Implemented encryption of data at rest
• Implemented full packet capture of the network traffic in and out of the sensitive network segment
• Ensured all transaction log data and packet captures are backed up to corporate backup appliance within the corporate backup network segment

Which of the following is the MOST likely way to exfiltrate PII while avoiding detection?

A. Unauthorized access to the file server via Secure Shell (SSH)
B. Unauthorized access to the database server via a compromised web application
C. Unauthorized access to the database server via a compromised user account
D. Unauthorized access to the backup server via a compromised service account