What are two ways that packet fragmentation can allow an attacker to evade an IPS sensor? (Choose two.)
A. IPS sensors cannot perform fragmentation and reassembly, forcing them to permit fragmented packets through the IPS sensor.
B. IPS sensors that do not reassemble fragmented packets may fail to recognize the payload as an attack.
C. Packet fragments hide the destination address of the payload, preventing the IPS from learning the hosts being attacked.
D. IPS sensors may interpret fragments differently than end hosts, allowing attacks through the sensor.
E. Setting the DNF-bit can force the IPS sensor to permit packets sent to it as a sequence of fragments, because the IPS sees them as error frames.
