nerdexam
EC-Council

312-50V13 · Question #460

Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent t

The correct answer is C. Spoofed session flood attack. Spoofed Session Flood Attack Explained Why C is Correct: A Spoofed Session Flood Attack works by forging legitimate-looking TCP sessions using manipulated SYN, ACK, and RST/FIN packets - the exact handshake components of the TCP three-way handshake - to trick firewalls and networ

Submitted by packet_pusher· Mar 6, 2026Denial-of-Service

Question

Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?

Options

  • AUDP flood attack
  • BPing-of-death attack
  • CSpoofed session flood attack
  • DPeer-to-peer attack

How the community answered

(35 responses)
  • A
    3% (1)
  • B
    9% (3)
  • C
    86% (30)
  • D
    3% (1)

Explanation

Spoofed Session Flood Attack Explained

Why C is Correct: A Spoofed Session Flood Attack works by forging legitimate-looking TCP sessions using manipulated SYN, ACK, and RST/FIN packets - the exact handshake components of the TCP three-way handshake - to trick firewalls and network protection tools into believing the traffic is legitimate, while simultaneously exhausting network resources through DDoS-style flooding.

Why the Distractors are Wrong:

  • A (UDP Flood): Uses UDP packets specifically to overwhelm a target, with no TCP session manipulation or forging involved.
  • B (Ping-of-Death): Involves sending malformed or oversized ICMP ping packets to crash systems - entirely unrelated to TCP session forgery.
  • D (Peer-to-Peer Attack): Exploits P2P network protocols to redirect traffic toward a victim, not through crafted TCP handshake packets.

Memory Tip: Think of the word "Spoofed Session" - if you see any exam question mentioning forged TCP sessions combined with SYN/ACK/RST/FIN packets and firewall circumvention, that's your direct signal pointing to a Spoofed Session Flood Attack. The key phrase is "forged TCP sessions."

Topics

#Denial of Service (DoS)#DDoS Attack#TCP/IP Attacks#Spoofing

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice