GIAC
GCIH · Question #470
GCIH Question #470: Real Exam Question with Answer & Explanation
The correct answer is B: Local-based Exhausting Resources. Malware running on the server itself that consumes 100% CPU is a local attack that exhausts a system resource rather than stopping a specific service or originating from the network.
Malware Analysis & Advanced Persistent Threats
Question
Mike uncovers malware on a web server that is triggering 100% CPU utilization which prevents other processes from launching. What category of Denial of Service attacks does he place these attacks?
Options
- ANetwork-based Stopping Services
- BLocal-based Exhausting Resources
- CNetwork-based Exhausting Resources
- DLocal-based Stopping Services
Explanation
Malware running on the server itself that consumes 100% CPU is a local attack that exhausts a system resource rather than stopping a specific service or originating from the network.
Common mistakes.
- A. Network-based stopping services describes attacks delivered over the network that terminate specific services, which does not match malware already resident on the host consuming CPU.
- C. Network-based exhausting resources applies to attacks like flood-based DoS that saturate bandwidth or network-layer resources from an external source, not local malware CPU consumption.
- D. Local-based stopping services would describe an attack that kills or disables a specific process or service on the host, not one that simply starves all processes of CPU cycles.
Concept tested. DoS attack classification - local resource exhaustion
Topics
#local DoS#CPU exhaustion#resource exhaustion#malware impact
Community Discussion
No community discussion yet for this question.