Which of the following strategies can the employee use to evade detection by a network-based IDS application?

An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by a network-based IDS application?

An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by a network-based IDS application?

A.
Create a ping flood

B.
Create multiple false positives

C.
Create a covert network tunnel

D.
Create a SYN flood

Explanation:
HTTP Tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed a HTTP Tunnel. Very few firewalls blocks outgoing HTTP traffic.



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Ghost Man

Ghost Man

C

covert tunnel or covert channel is is a network attack that allow’s to transfer the information between the process period. covet channel is easy bypass the IDS or other security checks.

mr_tienvu

mr_tienvu

Correct answer is C