Which of the following strategies can the employee use to evade detection by a network-based IDS application?

adminDecember 21, 2015

An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by a network-based IDS application?

A.
Create a ping flood

B.
Create multiple false positives

C.
Create a covert network tunnel

D.
Create a SYN flood

Explanation:
HTTP Tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed a HTTP Tunnel. Very few firewalls blocks outgoing HTTP traffic.

2 Comments on “Which of the following strategies can the employee use to evade detection by a network-based IDS application?”

Ghost Man says:

December 9, 2015 at 1:27 pm

C

covert tunnel or covert channel is is a network attack that allow’s to transfer the information between the process period. covet channel is easy bypass the IDS or other security checks.

Log in to Reply
mr_tienvu says:

December 22, 2015 at 12:52 am

Correct answer is C

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

Which of the following strategies can the employee use to evade detection by a network-based IDS application?

2 Comments on “Which of the following strategies can the employee use to evade detection by a network-based IDS application?”

Leave a Reply Cancel reply