Which of the following is a common method of data exfiltration?

The correct choice highlights a prevalent method of data exfiltration, which involves transferring data to an unauthorized external location using malware. This approach exemplifies how cybercriminals leverage malicious software to bypass security measures and access sensitive information. Once the malware is installed on a target system, it can quietly collect data and send it to an external location controlled by the attacker, often without the knowledge of the organization. This method is particularly concerning because it can occur stealthily, making it difficult for security systems to detect the unauthorized data movement until it is too late.

In contrast, the other options outline practices that are typically associated with securing data rather than exfiltrating it. For instance, utilizing a secure intranet generally enhances internal data sharing securely, while encrypting data within the organization protects it from unauthorized access rather than facilitating its unauthorized transfer. Similarly, backing up data to an internal server is a standard data protection measure aimed at ensuring data availability and recovery, not exfiltration. Each of these methods focuses on maintaining data integrity and security, contrasting the malicious intent reflected in the correct answer.