Which evasion technique does this attempt indicate?

An intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources. Which evasion technique does this attempt indicate?
A. traffic fragmentation
B. resource exhaustion
C. timing attack
D. tunneling

cisco-exams

4 thoughts on “Which evasion technique does this attempt indicate?

  1. Definitely B

    By running multiple scans, the device becomes either overloaded, or the analyst might miss the true positive in all the noise generated.

  2. “high volume of scanning from numerous sources. ” This is a kind of DoS Attack. This cause the exhaustion of the resources. Correct Answer is B.

    Resource exhaustion attacks: Resource exhaustion attacks are forms of DoS attacks. These attacks cause the server’s or network’s resources to be consumed to the point where the service is no longer responding, or the response is significantly reduced. By targeting IP routers, an attacker may adversely affect the integrity and availability of the network infrastructure, including end-to-end IP connectivity. Router resources that are commonly affected by packet flood attacks include the following: CPU, packet memory, route memory, network bandwidth, and vty lines.

  3. the answer is A
    Traffic fragmentation attacks modify the TCP/IP traffic in a way that is unexpected
    by security detection devices; the goal is to confuse the detection functions.
    Using TCP segmentation and reordering attacks is one way to modify traffic to
    bypass detection.
    Causing fragments to overlap by modifying IP headers is another type of traffic
    fragmentation attack

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.