In today's highly digital landscape, cybersecurity is no longer just an IT concern—it’s a business imperative. As organizations step up their efforts to guard against cyberattacks, hackers, in turn, have evolved and adopted more sophisticated methods to bypass security systems. Among the many techniques in a hacker’s toolkit, evasion techniques stand out as particularly dangerous. These methods allow malicious actors to circumvent security controls, remain undetected, and execute attacks effectively.
So, what are two evasion techniques that are used by hackers? (Choose two.) In this detailed guide, we will explore the two most prevalent evasion tactics, explain how they work, and discuss how to protect against them.
Understanding Evasion Techniques in Cybersecurity
Before diving into specific methods, it’s important to understand what evasion means in a cybersecurity context.
Evasion techniques are strategies employed by cyber attackers to avoid detection by security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus programs, and endpoint protection platforms. These tactics allow malware or malicious activities to go unnoticed, increasing the chances of a successful breach.
Evasion techniques can occur at different stages of an attack, including:
- Delivery of malicious payloads
- Execution of malware
- Communication with command-and-control servers
- Lateral movement within a network
What Are Two Evasion Techniques That Are Used by Hackers? (Choose Two.)
1. Obfuscation
Obfuscation is the process of making malicious code difficult to read or analyze. By changing the appearance of the code while maintaining its functionality, attackers can bypass security systems that rely on pattern recognition or signature-based detection.
How Obfuscation Works:
- Encoding: Attackers encode malware scripts (e.g., Base64 or hexadecimal encoding).
- Polymorphism: Malware changes its code every time it runs, creating a new “signature” to avoid detection.
- Packing: Code is compressed and encrypted to mask its real purpose.
Real-World Example:
A phishing email contains a JavaScript file embedded in a document. This script is obfuscated using multiple layers of encoding and can bypass most traditional antivirus scanners.
Defense Measures:
- Use behavior-based detection tools instead of relying solely on signatures.
- Employ sandboxing to analyze suspicious files in isolated environments.
- Implement deep packet inspection (DPI) on networks.
2. Tunneling (Protocol Tunneling)
Tunneling is a technique where attackers encapsulate malicious traffic within legitimate protocols such as HTTP, HTTPS, DNS, or ICMP. This allows data to “hide in plain sight” by blending in with regular network traffic.
How Tunneling Works:
- Malicious payloads are embedded inside authorized protocol packets.
- The traffic is routed through commonly allowed ports (e.g., port 80 or 443).
- The attack communicates with command-and-control servers without being detected.
Real-World Example:
An attacker tunnels data exfiltration commands through DNS queries. Security appliances do not flag it because DNS requests are considered normal traffic.
Defense Measures:
- Monitor for abnormal usage of common protocols (e.g., too many DNS requests).
- Use Network Behavior Analysis (NBA) tools.
- Enable TLS inspection to view encrypted HTTP traffic.
Other Notable Evasion Techniques
While obfuscation and tunneling are two major techniques, others are also worth mentioning:
▪️ Living Off the Land (LotL):
Uses native operating system tools (like PowerShell) to perform attacks, avoiding the need for external files.
▪️ Rootkits:
Install themselves deep within the OS, often at the kernel level, to hide files, processes, or network activity.
▪️ Anti-VM & Anti-Debugging:
Designed to detect if malware is being executed in a virtual or debugging environment and behave differently to avoid detection.
Why Understanding Evasion Techniques Matters for IT Professionals
Understanding evasion techniques is critical for professionals preparing for certification exams such as CompTIA Security+, CEH, CISSP, and others. These topics are often included in practice tests and real-world scenarios, making them essential knowledge for both exam success and workplace defense.
For example, DumpsQueen offers comprehensive dumps and practice tests that include scenario-based questions like:
"What are two evasion techniques that are used by hackers? (Choose two.)"
By mastering such questions, candidates not only prepare for exams but also become more competent at identifying and mitigating cyber threats in real time.
How to Protect Your Network Against Evasion Techniques
Organizations must stay ahead of attackers by adopting a multi-layered security approach. Here are some best practices:
1. Use Next-Generation Antivirus (NGAV)
NGAV tools use machine learning to detect anomalies and behaviors rather than relying only on signatures.
2. Implement Network Traffic Analysis (NTA)
NTA solutions help detect tunneling and other suspicious communications.
3. Behavior-Based Analytics
Employ tools that observe and analyze how users and applications behave to flag abnormalities.
4. Regular Patching and Updates
Many evasion techniques exploit unpatched vulnerabilities. Keep all systems updated.
5. Cybersecurity Training
Employees should be trained to recognize phishing attempts and report unusual activity immediately.
Evasion Techniques in Cybersecurity Exams
If you're preparing for cybersecurity certifications, be sure to understand the context and implementation of evasion techniques. DumpsQueen offers real exam-like practice questions, detailed explanations, and updated dumps for all major IT certifications.
These practice materials include scenario-based MCQs like:
“What are two evasion techniques that are used by hackers? (Choose two.)”
Which tests both your theoretical and practical knowledge of real-world cybersecurity challenges.
Final Thoughts
Cybercriminals are constantly evolving, and evasion techniques are at the forefront of their strategies. By learning what are two evasion techniques that are used by hackers? (Choose two.), cybersecurity professionals can stay vigilant and implement stronger defenses.
Both obfuscation and tunneling are widely used tactics that have proven effective in bypassing traditional security measures. Understanding how they work and how to defend against them is crucial for anyone serious about cybersecurity—whether you're studying for an exam or securing a corporate network.
To prepare effectively for questions like these and more, visit DumpsQueen for the most trusted, updated certification exam materials tailored for real-world readiness.
Sample Practice Questions
Question 1
What are two evasion techniques that are used by hackers? (Choose two.)
A. Obfuscation
B. Tunneling
C. Data Loss Prevention
D. Role-Based Access Control
Answer: A. Obfuscation, B. Tunneling
Question 2
Which evasion technique involves disguising malicious code by making it difficult to analyze?
A. Tunneling
B. Obfuscation
C. Phishing
D. Credential Stuffing
Answer: B. Obfuscation
Question 3
An attacker hides malicious data within DNS queries to avoid detection. What technique is being used?
A. Social Engineering
B. DNS Poisoning
C. Tunneling
D. Code Injection
Answer: C. Tunneling
Question 4
Which of the following is NOT an evasion technique?
A. Anti-VM
B. Rootkit
C. Password Rotation
D. Protocol Tunneling
Answer: C. Password Rotation
