In which TCP attack is the cybercriminal attempting to overwhelm a target host with half-open TCP connections?
- port scan attack
- SYN flood attack
- session hijacking attack
- reset attack
Explanation: In a TCP SYN flood attack, the attacker sends to the target host a continuous flood of TCP SYN session requests with a spoofed source IP address. The target host responds with a TCP-SYN-ACK to each of the SYN session requests and waits for a TCP ACK that will never arrive. Eventually the target is overwhelmed with half-open TCP connections.
More Questions: Modules 3 – 5: Network Security Exam Answers
More Questions: CCNA Cyber Ops (v1.1) – Chapter 7 Exam Answers
More Questions: Modules 13 – 14: Emerging Network Technologies Exam