EC-Council
EC0-350 · Question #115
EC0-350 Question #115: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #115. The question stem and answer options stay visible for context.
Question
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?
Options
- AAttacker generates TCP SYN packets with random destination addresses towards a victim host
- BAttacker floods TCP SYN packets with random source addresses towards a victim host
- CAttacker generates TCP ACK packets with random source addresses towards a victim host
- DAttacker generates TCP RST packets with random source addresses towards a victim host
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.