Which of the following MOST interferes with network-based detection techniques?
A.
Mime-encoding
B.
SSL
C.
FTP
D.
Anonymous email accounts
Explanation:
Secure Sockets Layer (SSL) is used to establish secure TCP communication between two machines by encrypting the communication. Encrypted communications
cannot easily be inspected for anomalies by network-based intrusion detection systems (NIDS).
Incorrect Answers:
A: Multi-Purpose Internet Mail Extensions (MIME) encoding is used in email messages to allow messages to be sent in formats other than ASCII text. Email
messages are handles by host based intrusion detection systems (HIDS).
C: File Transfer Protocol (FTP) is an inherently insecure protocol that does not use any form of encryption making it easy to inspect for anomalies.
D: Email messages are handles by host based intrusion detection systems (HIDS).Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 268
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 8, 12-