What is the name of the evasion technique that employs overlapping TCP sequence numbers in small fragments to bypass reassembly checks?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

What is the name of the evasion technique that employs overlapping TCP sequence numbers in small fragments to bypass reassembly checks?

Explanation:
This question is about evading detection by manipulating how traffic is reassembled. Attackers craft small fragments with overlapping TCP sequence numbers so that when an IDS reassembles the stream to inspect the payload, the result can differ from what the actual target reassembles. This mismatch can cause the IDS to miss malicious content or misinterpret the data, allowing the payload to slip past detection. Because the focus is on dodging IDS checks, this is an IDS evasion technique. Fragmentation describes the general act of breaking data into pieces, but the key here is using that fragmentation specifically to defeat reassembly-based detection. The other options don’t fit: ASCII shellcodes relate to payload encoding, and Pre-Connection SYN pertains to handshake techniques.
