CISSP · Question #657
What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?
The correct answer is B. Denial of Service (DoS). The 'Ping of Death' is a classic DoS attack that sends oversized ICMP echo request packets to crash or destabilize a target system. This falls under the broader Denial of Service category because it aims to make a system unavailable.
Question
What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?
Options
- AMan-in-the-Middle (MITM)
- BDenial of Service (DoS)
- CDomain Name Server (DNS) poisoning
- DBuffer overflow
How the community answered
(55 responses)- A4% (2)
- B89% (49)
- C5% (3)
- D2% (1)
Why each option
The 'Ping of Death' is a classic DoS attack that sends oversized ICMP echo request packets to crash or destabilize a target system. This falls under the broader Denial of Service category because it aims to make a system unavailable.
A Man-in-the-Middle attack involves intercepting and potentially altering communications between two parties, not sending malformed ICMP packets to crash a system.
A Denial of Service attack using oversized ICMP echo requests, known as the 'Ping of Death,' sends packets exceeding the maximum IP packet size of 65,535 bytes, causing the target system to crash, freeze, or reboot. Because the attack disrupts the availability of the target system rather than stealing data or intercepting communications, it is classified as a DoS attack. ICMP flood variants also fall under DoS by overwhelming the target with ping requests.
DNS poisoning involves corrupting a DNS resolver's cache to redirect users to malicious sites, which has no relation to sending oversized ICMP packets.
A buffer overflow exploits insufficient input validation in software to overwrite adjacent memory, whereas the Ping of Death targets network stack handling of oversized ICMP packets at the OS/network level rather than a specific application buffer.
Concept tested: ICMP-based Denial of Service attack identification
Source: https://www.cisa.gov/uscert/ncas/tips/ST04-015
Topics
Community Discussion
No community discussion yet for this question.