nerdexam
(ISC)2

CISSP · Question #1473

What is the purpose of an Internet Protocol (IP) spoofing attack?

The correct answer is D. To convince a system that it is communicating with a known entity. IP spoofing involves forging the source IP address in packets to impersonate a trusted host, deceiving the target system into believing it is communicating with a known, legitimate entity.

Submitted by jaden.t· Mar 5, 2026Communication and Network Security

Question

What is the purpose of an Internet Protocol (IP) spoofing attack?

Options

  • ATo send excessive amounts of data to a process, making it unpredictable
  • BTo intercept network traffic without authorization
  • CTo disguise the destination address from a target's IP filtering devices
  • DTo convince a system that it is communicating with a known entity

How the community answered

(65 responses)
  • A
    3% (2)
  • B
    2% (1)
  • C
    5% (3)
  • D
    91% (59)

Why each option

IP spoofing involves forging the source IP address in packets to impersonate a trusted host, deceiving the target system into believing it is communicating with a known, legitimate entity.

ATo send excessive amounts of data to a process, making it unpredictable

Sending excessive data to overwhelm a process describes a buffer overflow attack, not IP spoofing.

BTo intercept network traffic without authorization

Intercepting network traffic without authorization describes a packet sniffing or man-in-the-middle attack, which is a passive or interception-based technique rather than address forgery.

CTo disguise the destination address from a target's IP filtering devices

IP spoofing falsifies the source address, not the destination address; disguising the destination address does not accurately describe the mechanism or goal of IP spoofing.

DTo convince a system that it is communicating with a known entityCorrect

IP spoofing works by falsifying the source IP address in packet headers so the receiving system believes the traffic originates from a trusted or known host. This deception is the core purpose of the attack, enabling the attacker to bypass trust-based authentication, hijack sessions, or facilitate other attacks like reflected DDoS by exploiting the target's belief in the sender's identity.

Concept tested: IP spoofing attack purpose and mechanism

Source: https://www.cisa.gov/news-events/news/understanding-denial-service-attacks

Topics

#IP spoofing#Network attacks#Impersonation#Network security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice