New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CPEH-001 Exam - Topic 3 Question 18 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 18
Topic #: 3
[All CPEH-001 Questions]

ETHER: Destination address : 0000BA5EBA11 ETHER: Source address :

An employee wants to defeat detection by a network-based IDS application. He does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application?

Show Suggested Answer Hide Answer
Suggested Answer: B

Certain types of encryption presents challenges to network-based intrusion detection and may leave the IDS blind to certain attacks, where a host-based IDS analyzes the data after it has been decrypted.


by Stephaine at May 04, 2022, 09:29 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Whitney
4 months ago
Wait, can a network tunnel really defeat IDS? Sounds too easy.
upvoted 0 times
...
Alise
4 months ago
Ping flood? Seems too obvious to me.
upvoted 0 times
...
Shawnna
4 months ago
SYN flood? That's a bit risky, isn't it?
upvoted 0 times
...
Alton
4 months ago
I think creating multiple false positives is a solid strategy!
upvoted 0 times
...
Evelynn
5 months ago
A network tunnel can help bypass detection.
upvoted 0 times
...
Leota
5 months ago
I practiced a question similar to this, and I feel like creating a network tunnel might be the most effective strategy for stealth.
upvoted 0 times
...
Shantay
5 months ago
SYN floods seem like a classic attack method, but I wonder if they would really help in defeating detection without targeting the IDS itself.
upvoted 0 times
...
Cammy
5 months ago
I think creating multiple false positives could confuse the IDS, but I can't recall if that's a common tactic.
upvoted 0 times
...
Julene
5 months ago
I remember studying how network tunnels can help in evading detection, but I'm not entirely sure if that's the best option here.
upvoted 0 times
...
Antonio
5 months ago
Hmm, this one seems a bit tricky. I'll need to think through the definitions carefully to determine which statement is true.
upvoted 0 times
...
Skye
5 months ago
I remember something about BGP authentication needing to match on both ends, but I'm not entirely sure how the MD5 settings impact that.
upvoted 0 times
...
Elroy
5 months ago
The VXLAN equivalent to a VLAN ID has to be one of the options provided. Based on my understanding, the VNI, or VXLAN Network Identifier, is used to identify the virtual network, so I'm going to go with B.
upvoted 0 times
...
Xochitl
5 months ago
Wait, I'm confused. Is a domain just a group of related attributes, or is it specifically about the valid values? I'm going to have to review my notes on relational database concepts before answering this one.
upvoted 0 times
...

Save Cancel