An employee wants to bypass detection by a network-based IDS application and does not want to attack the system containing the IDS application. Which of the following strategies can the employee use to evade detection by a network-based IDS application?
A.
Create a ping flood
B.
Create multiple false positives
C.
Create a covert network tunnel
D.
Create a SYN flood
Explanation:
HTTP Tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols. The HTTP protocol therefore acts as a wrapper for a covert channel that the network protocol being tunneled uses to communicate. The HTTP stream with its covert channel is termed a HTTP Tunnel. Very few firewalls blocks outgoing HTTP traffic.
C
covert tunnel or covert channel is is a network attack that allow’s to transfer the information between the process period. covet channel is easy bypass the IDS or other security checks.
Correct answer is C