43. A flood of packets with invalid source IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack has occurred?
- TCP session hijacking
- TCP SYN flood
- TCP reset
- UDP flood
Explanation: The TCP SYN Flood attack exploits the TCP three-way handshake. The threat actor continually sends TCP SYN session request packets with a randomly spoofed source IP address to an intended target. The target device replies with a TCP SYN-ACK packet to the spoofed IP address and waits for a TCP ACK packet. Those responses never arrive. Eventually the target host is overwhelmed with half-open TCP connections and denies TCP services.
Exam with this question: CyberOps Associate (Version 1.0) - CyberOps Associate 1.0 Practice Final exam
Exam with this question: Endpoint Security (ESec) Final Exam Answers (Course Final)
Exam with this question: Endpoint Security: My Knowledge Check Answers
Please login or Register to submit your answer