Cisco

210-255 · Question #82

210-255 Question #82: Real Exam Question with Answer & Explanation

The correct answer is D: Fragmentation. Packet fragmentation is a classic technique attackers use to evade IDS/IPS by splitting malicious payloads across multiple IP fragments so that no single fragment triggers a signature match.

Question

Which of the following has been used to evade IDS and IPS devices?

Options

  • A. SNMP
  • B. HTTP
  • C. TNP
  • D. Fragmentation

Explanation

Packet fragmentation is a classic technique attackers use to evade IDS/IPS by splitting malicious payloads across multiple IP fragments so that no single fragment triggers a signature match.
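The sensor-side consequence, as an added example that is not part of the original page: a check run on each fragment in isolation misses a pattern that straddles a fragment boundary, while reassembling before inspection finds it and also surfaces overlap and gap anomalies. The fragment tuples, the placeholder signature and the sample payload are constructed for illustration.

```python
# Added example with constructed data (not a packet capture). Each fragment is
# (byte_offset, more_fragments, payload) and all belong to one IP datagram.
SIGNATURE = b"EXAMPLE-SIGNATURE"  # placeholder pattern (assumption)
SAMPLE = b"GET /?q=EXAMPLE-SIGNATURE HTTP/1.1\r\n\r\n"  # constructed payload

def fragment(payload, size=16):
    """Build test input: split payload on an 8-byte-aligned size, as IPv4 does."""
    assert size % 8 == 0
    chunks = [payload[i:i + size] for i in range(0, len(payload), size)]
    return [(i * size, i < len(chunks) - 1, c) for i, c in enumerate(chunks)]

def per_fragment_match(frags, sig=SIGNATURE):
    """Naive sensor: inspects every fragment on its own."""
    return any(sig in data for _, _, data in frags)

def reassemble(frags):
    """Rebuild the datagram. Returns (payload or None, list of anomalies)."""
    anomalies, buf, saw_last = [], bytearray(), False
    for off, more, data in sorted(frags, key=lambda f: f[0]):
        if off > len(buf):
            anomalies.append(f"gap before offset {off}")
            return None, anomalies
        if off < len(buf):
            # Overlap: keep the bytes already stored (first-wins policy here).
            # End hosts differ on this, so a sensor should mirror the policy
            # of the host it protects.
            anomalies.append(f"overlap at offset {off}")
            data = data[len(buf) - off:]
        buf += data
        saw_last = saw_last or not more
    if not saw_last:
        anomalies.append("missing final fragment")
        return None, anomalies
    return bytes(buf), anomalies

def inspect_reassembled(frags, sig=SIGNATURE):
    """Reassemble first, then match. Returns (matched, anomalies)."""
    payload, anomalies = reassemble(frags)
    return (payload is not None and sig in payload), anomalies

if __name__ == "__main__":
    frags = fragment(SAMPLE)
    print("per-fragment match:", per_fragment_match(frags))
    print("after reassembly:  ", inspect_reassembled(frags))
```
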

Common mistakes.

  • A. SNMP is a network management protocol used for device monitoring and configuration, not an IDS/IPS evasion technique.
  • B. HTTP is an application-layer protocol for web communication and is not itself an evasion technique. Certain HTTP-based obfuscation methods can be used, but HTTP alone is not the answer.
  • C. TNP is not a recognized network protocol or IDS/IPS evasion technique relevant to this context.

Concept tested. IP fragmentation as an IDS/IPS evasion technique

Reference. https://www.cisco.com/c/en/us/td/docs/security/ips/7-0/configuration/guide/idm/idmg70/dmevover.html
