CISSP · Question #53
In a basic SYN flood attack, what is the attacker attempting to achieve?
The correct answer is A. Exceed the threshold limit of the connection queue for a given service. A SYN flood attack is a type of denial-of-service attack that exploits the TCP three-way handshake process. The attacker sends a large number of SYN packets to the target server, often with spoofed IP addresses, and does not complete the handshake by sending the final ACK packet.
Question
In a basic SYN flood attack, what is the attacker attempting to achieve?
Options
- AExceed the threshold limit of the connection queue for a given service
- BSet the threshold to zero for a given service
- CCause the buffer to overflow, allowing root access
- DFlush the register stack, allowing hijacking of the root account
How the community answered
(40 responses)- A85% (34)
- B8% (3)
- C3% (1)
- D5% (2)
Explanation
A SYN flood attack is a type of denial-of-service attack that exploits the TCP three-way handshake process. The attacker sends a large number of SYN packets to the target server, often with spoofed IP addresses, and does not complete the handshake by sending the final ACK packet. This causes the server to allocate resources for half-open connections, which eventually consume all the available ports and prevent legitimate traffic from reaching the server
Topics
Community Discussion
No community discussion yet for this question.