EC-Council
EC0-350 · Question #165
EC0-350 Question #165: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #165. The question stem and answer options stay visible for context.
Question
After a client sends a connection request (SYN) packet to the server, the server will respond (SYN- ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn't see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server. What attacks can you successfully launch against a server using the above technique?
Options
- ADenial of Service attacks
- BSession Hijacking attacks
- CWeb page defacement attacks
- DIP spoofing attacks
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.