Home » ECCouncil » 312-50 » What is the best way to evade the NIDS?
You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network Based Intrusion Detection Systems (NIDS).
What is the best way to evade the NIDS?
A. Encryption
B. Protocol Isolation
C. Alternate Data Streams
D. Out of band signalling
Correct Answer: A
Explanation/Reference:
When the NIDS encounters encrypted traffic, the only analysis it can perform is packet level analysis, since the application layer contents are inaccessible. Given that exploits against today’s networks are primarily targeted against network services (application layer entities), packet level analysis ends up doing very little to protect our core business assets.
References: http://www.techrepublic.com/article/avoid-these-five-common-ids-implementation-errors/
Free dumps for 312-50v11 in Printable PDF format.
High quality PDF and software. VALID exam to help you pass.
|
|
Download Printable PDF. VALID exam to help you PASS.
|
|