Certified Ethical Hacker (CEH v12) — Question 37

Kevin, a professional hacker, wants to penetrate CyberTech Inc’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packets, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system?

Answer options

• A. Session splicing
• B. Urgency flag
• C. Obfuscating
• D. Desynchronization

Correct answer: C

Explanation

The correct answer is C, as obfuscating involves manipulating data to conceal its true meaning, making it difficult for IDS systems to detect. Session splicing (A) refers to breaking a session into multiple parts to avoid detection, while urgency flag (B) and desynchronization (D) do not specifically relate to encoding packets in a manner that evades IDS detection.