John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?

A. Session splicing attack

B. Evasion attack

C. Insertion attack

D. Polymorphic shell code attack








 

Suggested Answer: D



This question is in GISP exam 
For getting GIAC Information Security Professional Certification (GISP)

Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by GIAC.
Trademarks, certification & product names are used for reference only and belong to GIAC.