nerdexam
ExamsGCIHQuestions#374
GIAC

GCIH · Question #374

GCIH Question #374: Real Exam Question with Answer & Explanation

The correct answer is B: It sends many SYN packets to a target machine from a spoofed address. When a client and server establish a normal TCP three-way handshake, the exchange looks like 1. Client requests connection by sending SYN (synchronize) message to the server. 2. Server acknowledges by sending SYN-ACK (synchronize-acknowledge) message back to the 3. Client respond

Question

How does an attacking host initiate a SYN flood attack?

Options

  • AIt sends many SYN-ACK packets to a target machine from a spoofed address
  • BIt sends many SYN packets to a target machine from a spoofed address
  • CIt sends many SYN-RST packets to a target machine from a spoofed address
  • DIt sends many SYN-FIN packets to a target machine from a spoofed address

Explanation

When a client and server establish a normal TCP three-way handshake, the exchange looks like 1. Client requests connection by sending SYN (synchronize) message to the server. 2. Server acknowledges by sending SYN-ACK (synchronize-acknowledge) message back to the 3. Client responds with an ACK (acknowledge) message, and the connection is established.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIH Practice