nerdexam
EC-Council

312-50V13 · Question #160

Take a look at the following attack on a Web Server using obstructed URL: How would you protect from these attacks?

The correct answer is B. Create rules in IDS to alert on strange Unicode requests. Obstructed URLs, often involving encoding schemes like hex or Unicode, can bypass basic web server input validation, making it critical to detect such anomalies for security.

Submitted by skyler.x· Mar 6, 2026Hacking Web Applications

Question

Take a look at the following attack on a Web Server using obstructed URL: How would you protect from these attacks?

Exhibit

312-50V13 question #160 exhibit

Options

  • AConfigure the Web Server to deny requests involving "hex encoded" characters
  • BCreate rules in IDS to alert on strange Unicode requests
  • CUse SSL authentication on Web Servers
  • DEnable Active Scripts Detection at the firewall and routers

How the community answered

(24 responses)
  • A
    13% (3)
  • B
    79% (19)
  • C
    4% (1)
  • D
    4% (1)

Why each option

Obstructed URLs, often involving encoding schemes like hex or Unicode, can bypass basic web server input validation, making it critical to detect such anomalies for security.

AConfigure the Web Server to deny requests involving "hex encoded" characters

Configuring the web server to deny requests involving hex-encoded characters is a good practice for web server hardening, but an IDS provides a broader, more centralized detection mechanism for various encoding schemes and anomalous patterns that might not be caught by simple server-side rules.

BCreate rules in IDS to alert on strange Unicode requestsCorrect

An Intrusion Detection System (IDS) can be configured with specific rules or anomaly detection capabilities to identify unusual character encodings, such as "strange Unicode requests" or hex-encoded characters, in URL paths. This allows the system to alert security personnel to potential obfuscated attacks attempting to bypass standard web application firewalls or server-side input sanitization.

CUse SSL authentication on Web Servers

SSL authentication primarily provides encryption for data in transit and verifies server identity; it does not inherently inspect the content of encrypted requests for malicious encoding, nor does it prevent an attacker from sending an obfuscated URL if the connection is established.

DEnable Active Scripts Detection at the firewall and routers

Enabling Active Scripts Detection at the firewall and routers typically focuses on detecting malicious scripts embedded in the traffic payload or preventing script execution, not specifically on analyzing and blocking URL encoding obfuscation, which is more a function of a Web Application Firewall (WAF) or an IDS.

Concept tested: Web server URL encoding attack detection

Source: https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html

Topics

#Web server security#URL encoding#IDS rules#Obfuscation

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice