CCNP Security IPS 642-627 Official Cert Guide: Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-evasive Countermeasures

Article Description

This chapter covers the methods a network IPS sensor uses to analyze traffic; the evasion techniques attackers use to bypass detection and filtering, together with the benefits and limitations of each analysis method so that the risk of evasion can be assessed; and the available countermeasures and tools, with guidance on choosing the best approach for the evasion methods attackers employ.

From the Rough Cut

CCNP Security IPS 642-627 Official Cert Guide

Complete the Tables and Lists from Memory

Print a copy of Appendix D, “Memory Tables,” (found on the CD), or at least the section for this chapter, and complete the tables and lists from memory. Appendix E, “Memory Tables Answer Key,” also on the CD, includes completed tables and lists to check your work.

Evasion Technique          Example                          Evasion Tool
-------------------------  -------------------------------  ------------------------
Traffic Fragmentation      IP Fragmentation                 Fragroute, fragrouter
Timing Attack              Slow reconnaissance scan         Nmap
Encryption and Tunneling   Attacks over GRE or SSL tunnel   Any encrypted protocol
Resource Exhaustion        TCP flooding                     Stick
