EC-Council
312-50V7 · Question #12
312-50V7 Question #12: Real Exam Question with Answer & Explanation
Sign in or unlock 312-50V7 to reveal the answer and full explanation for question #12. The question stem and answer options stay visible for context.
Question
The SYN flood attack sends TCP connections requests faster than a machine can process them. Attacker creates a random source address for each packet SYN flag set in each packet is a request to open a new connection to the server from the spoofed IP address Victim responds to spoofed IP address, then waits for confirmation that never arrives (timeout wait is about 3 minutes) Victim's connection table fills up waiting for replies and ignores new connections Legitimate users are ignored and will not be able to access the server How do you protect your network against SYN Flood attacks?
Options
- ASYN cookies. Instead of allocating a record, send a SYN-ACK with a carefully constructed sequence
- BRST cookies - The server sends a wrong SYN/ACK back to the client. The client should then generate
- CCheck the incoming packet's IP address with the SPAM database on the Internet and enable the filter
- DStack Tweaking. TCP stacks can be tweaked in order to reduce the effect of SYN floods. Reduce the
- EMicro Blocks. Instead of allocating a complete connection, simply allocate a micro record of 16- bytes
Unlock 312-50V7 to see the answer
You've previewed enough free 312-50V7 questions. Unlock 312-50V7 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.