Certified Ethical Hacker Session Hijacking and Evading IDS Firewalls 2

Question 1

Which IDS evasion technique involves breaking a single exploit into multiple small packets that individually appear harmless?

Accepted Answer

Session Splicing

Answer

Obfuscation

Answer

Protocol Anomaly

Answer

TTL Manipulation

Question 2

What is the purpose of using Unicode or hex encoding in IDS evasion?

Accepted Answer

To obscure attack strings so signature-based IDS does not detect them

Answer

To compress attack payloads for faster delivery

Answer

To bypass SSL inspection

Answer

To prevent logging of the attack

Question 3

Which firewall evasion technique uses a series of intermediate hosts to hide the true source of an attack?

Accepted Answer

Proxy Chaining

Answer

Fragmentation

Answer

Source Routing

Answer

Tunneling

Question 4

What does a stateful firewall track that a stateless (packet-filtering) firewall does not?

Accepted Answer

The state of active network connections

Answer

Source and destination IP addresses

Answer

Layer 7 application data

Answer

DNS query responses

Question 5

Which technique involves manipulating the TTL field of packets to confuse IDS reassembly while the target host still receives the attack?

Accepted Answer

TTL Manipulation

Answer

Fragmentation Overlap

Answer

Protocol Mutation

Answer

Insertion Attack

Question 6

What type of IDS evasion injects extra packets into a stream that the IDS accepts but the target host rejects, causing the IDS to build a different view of the session?

Accepted Answer

Insertion Attack

Answer

Evasion Attack

Answer

Fragmentation Attack

Answer

Obfuscation Attack