An attacker is using low bandwidth coordinated attacks to avoid our Intrusion Prevention Systems (IPS). What is the attacker doing?
A: Breaking the data into segments.
B: Sending traffic on a well-known TCP port, where we would not expect the malicious traffic.
C: Have many different agents use different IPs and ports.
D: Change the attack signature.
CBK 7: Security Operations
Source: ThorTeaches.com practice tests –
C: Low-bandwidth coordinated attacks: A number of attackers (or agents) allocate different ports or hosts to different attackers making it difficult for the IDS to correlate the captured packets and deduce that a network scan is in progress.
IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.