200-201 · Question #381
200-201 Question #381: Real Exam Question with Answer & Explanation
The correct answer is D: TCP injection. TCP injection is an attack where the attacker sends crafted packets into an existing TCP session. These packets appear to be part of the session. The presence of many SYN packets with the same sequence number, source, and destination IP but different payloads indicates that an at
Question
A user reports difficulties accessing certain external web pages. When an engineer examines traffic to and from the external domain in full packet captures, they notice that many SYNs have the same sequence number, source, and destination IP address, but they have different payloads. What is causing this situation?
Options
- Afailure of the full packet capture solution
- Bmisconfiguration of a web filter
- Cinsufficient network resources
- DTCP injection
Explanation
TCP injection is an attack where the attacker sends crafted packets into an existing TCP session. These packets appear to be part of the session. The presence of many SYN packets with the same sequence number, source, and destination IP but different payloads indicates that an attacker might be injecting packets into the session. This method can be used to disrupt communication, inject malicious commands, or manipulate the data being transmitted.
Topics
Community Discussion
No community discussion yet for this question.