DNS
I hinted at this yesterday. DNS is a fantastic method of moving information into and out of a compromised server because it bypasses ALL SECURITY on a network. I've used it many times when penetration testing. It compounds the problem when all the DNS servers in an enterprise pass information back and forth to each other. Lets a hacker pivot to so many other different devices and servers in a network.
Even if you set DNS up correctly and securely (including encryption)... you can always get someone to open up a phishing email to start running things with their privileges/credentials (so encryption is now moot) and then pass the info back/forth via DNS. Info, including... DoS or C&C info. Again... bypassing all security devices. A savvy hacker will encrypt the communications to make it even more difficult to notice.
I loved how I got thumbs down yesterday for telling people (individual users) they're nuts if they run their own DNS servers at home. To protect DNS takes more than a typical SOHO firewall/security device. If you run a DNS server out of your home, you have a pretty sizeable security hole you cannot fix cheaply.