After successfully enumerating the target, the hacker determines that the victim is using a firewall. Which of the following techniques would allow the hacker to bypass the intrusion prevention system (IPS)?
A. Stealth scanning
Explanation:
Stealth scanning is a technique used to avoid detection by firewalls and Intrusion Prevention Systems (IPS). It works by sending packets in a way that makes it difficult for the firewall or IPS to detect and log the activity, such as using fragmented packets or SYN scans (half-open scanning), which minimizes the interaction with the target system.
Why the other answers are less suitable:
B. Xmas scanning: Sends packets with the FIN, PSH, and URG flags set, but it's noisy and easily detectable by most firewalls and IPS systems. It can raise alarms rather than evade them.
C. FIN scanning: Sends packets with the FIN flag set, which is less noisy than Xmas scanning but still detectable by modern intrusion detection systems.
D. Port scanning: While useful for enumerating open ports, typical port scanning is easily detected by firewalls and IPS, especially if the scans are frequent or comprehensive.
B. Xmas scanning
Xmas scanning is a type of port scanning that sets various TCP flags (URG, PSH, and FIN) to probe a target. By sending packets with these flags set, the hacker can attempt to evade detection by the firewall or IPS. The use of unusual or unexpected TCP flag combinations may confuse or bypass certain security systems.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
044f354
2 months, 4 weeks agoWutan
1 year, 2 months ago