350-501 Question #367: Real Exam Question with Answer & Explanation

The correct answer is C: HTTP flood. An HTTP flood is an application layer attack that overwhelms a web server with legitimate-looking HTTP requests, consuming server resources and making it unavailable to users.

Networking

Question

Which type of attack is an application attack?

Options

Aping of death
BICMP (ping) flood
CHTTP flood
DSYN flood

Explanation

An HTTP flood is an application layer attack that overwhelms a web server with legitimate-looking HTTP requests, consuming server resources and making it unavailable to users.

Common mistakes.

A. A ping of death is a network layer (Layer 3/4) attack that exploits vulnerabilities in how systems handle oversized or malformed ICMP packets, potentially causing a system crash.
B. An ICMP (ping) flood is a network layer (Layer 3) denial-of-service attack that overwhelms a target with a high volume of ICMP echo requests, consuming bandwidth and system resources.
D. A SYN flood is a transport layer (Layer 4) denial-of-service attack that exploits the TCP three-way handshake by sending a flood of SYN requests without completing the final ACK, leaving the server's connection tables full.

Concept tested. Application layer DDoS attack types

Reference. https://learn.microsoft.com/en-us/azure/ddos-protection/ddos-attack-types

Topics

#DoS attack#Application layer attack#HTTP flood#Network security

Community Discussion

No community discussion yet for this question.

Full 350-501 Practice Browse All 350-501 Questions