Certified Ethical Hacker (CEH v13) — Question 237

Kevin, a professional hacker, wants to penetrate CyberTech Inc’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packets, but the target web server can decode them.
What is the technique used by Kevin to evade the IDS system?

Answer options

• A. Session splicing
• B. Urgency flag
• C. Obfuscating
• D. Desynchronization

Correct answer: C

Explanation

The correct answer is C, as obfuscating involves altering data to make it difficult for intrusion detection systems to recognize malicious content. The other options, such as session splicing and desynchronization, pertain to different evasion techniques that do not specifically involve encoding data in a way that confuses an IDS like using Unicode characters does.