nerdexam
(ISC)2

CISSP · Question #657

What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?

The correct answer is B. Denial of Service (DoS). The 'Ping of Death' is a classic DoS attack that sends oversized ICMP echo request packets to crash or destabilize a target system. This falls under the broader Denial of Service category because it aims to make a system unavailable.

Submitted by minji_kr· Mar 5, 2026Communication and Network Security

Question

What type of attack sends Internet Control Message Protocol (ICMP) echo requests to the target machine with a larger payload than the target can handle?

Options

  • AMan-in-the-Middle (MITM)
  • BDenial of Service (DoS)
  • CDomain Name Server (DNS) poisoning
  • DBuffer overflow

How the community answered

(55 responses)
  • A
    4% (2)
  • B
    89% (49)
  • C
    5% (3)
  • D
    2% (1)

Why each option

The 'Ping of Death' is a classic DoS attack that sends oversized ICMP echo request packets to crash or destabilize a target system. This falls under the broader Denial of Service category because it aims to make a system unavailable.

AMan-in-the-Middle (MITM)

A Man-in-the-Middle attack involves intercepting and potentially altering communications between two parties, not sending malformed ICMP packets to crash a system.

BDenial of Service (DoS)Correct

A Denial of Service attack using oversized ICMP echo requests, known as the 'Ping of Death,' sends packets exceeding the maximum IP packet size of 65,535 bytes, causing the target system to crash, freeze, or reboot. Because the attack disrupts the availability of the target system rather than stealing data or intercepting communications, it is classified as a DoS attack. ICMP flood variants also fall under DoS by overwhelming the target with ping requests.

CDomain Name Server (DNS) poisoning

DNS poisoning involves corrupting a DNS resolver's cache to redirect users to malicious sites, which has no relation to sending oversized ICMP packets.

DBuffer overflow

A buffer overflow exploits insufficient input validation in software to overwrite adjacent memory, whereas the Ping of Death targets network stack handling of oversized ICMP packets at the OS/network level rather than a specific application buffer.

Concept tested: ICMP-based Denial of Service attack identification

Source: https://www.cisa.gov/uscert/ncas/tips/ST04-015

Topics

#Denial of Service#DoS attack#ICMP flood

Community Discussion

No community discussion yet for this question.

Full CISSP Practice