ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CSSLP All Questions

View all questions & answers for the CSSLP exam
Go to Exam

Exam CSSLP topic 2 question 24 discussion

Actual exam question from ISC's CSSLP
Question #: 24
Topic #: 2
[All CSSLP Questions]

Which of the following types of attacks is targeting a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP addresses?

  • A. DDoS attack
  • B. Evasion attack
  • C. Insertion attack
  • D. Dictionary attack
Show Suggested Answer Hide Answer
Suggested Answer: thereby preventing communications between services. Disrupt services on a specific computer. Answer: D is incorrect. Dictionary attack is a type of password 🗳️
A distributed denial of service (DDoS) attack targets a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP addresses. DDoS attack occurs when multiple compromised systems flood the bandwidth or resources of a targeted system, usually one or more Web servers. These systems are compromised by attackers using a variety of methods. It is an attempt to make a computer resource unavailable to its intended users. This type of attack can cause the following to occur: Saturate network resources. Disrupt connections between two computers, guessing attack. This type of attack uses a dictionary of common words to find out the password of a user. It can also use common words in either upper or lower attack, an IDS accepts a packet and assumes that the host computer will also accept it. But in reality, when a host system rejects the packet, the IDS accepts the evasion attack is one in which an IDS rejects a malicious packet but the host computer accepts it. Since an IDS has rejected it, it does not check the contents of the packet. Hence, using this technique, an attacker can exploit the host computer. In many cases, it is quite simple for an attacker to send such data packets that can easily perform evasion attacks on an IDSs.
by 74gjd_37 at Sept. 30, 2023, 7:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
74gjd_37
5 months, 2 weeks ago
Selected Answer: A
The correct answer is A. DDoS attack. A Distributed Denial of Service (DDoS) attack involves multiple compromised computers, often referred to as a botnet or zombie army, that target a single server with an overwhelming number of requests or traffic to disrupt normal operation and deny service to legitimate users. The use of spoofed IP source addresses is a common technique used in DDoS attacks to make it difficult for the targeted server to distinguish between legitimate and malicious traffic and effectively defend against the attack.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago