GIAC
GCIH · Question #79
GCIH Question #79: Real Exam Question with Answer & Explanation
The correct answer is A: Denial-of-Service. A Denial-of-Service attack floods a network or server with excessive traffic, which explains the observed increase in network utilization and the resulting degradation in SQL Server database performance.
Incident Response & Cyber Kill Chain
Question
James works as a Database Administrator for Techsoft Inc. The company has a SQL Server 2005 computer. The computer has a database named Sales. Users complain that the performance of the database has deteriorated. James opens the System Monitor tool and finds that there is an increase in network traffic. What kind of attack might be the cause of the performance deterioration?
Options
- ADenial-of-Service
- BInjection
- CInternal attack
- DVirus
Explanation
A Denial-of-Service attack floods a network or server with excessive traffic, which explains the observed increase in network utilization and the resulting degradation in SQL Server database performance.
Common mistakes.
- B. A SQL injection attack manipulates database queries through malicious input and would more likely cause unauthorized data access or corruption rather than a noticeable spike in network traffic.
- C. An internal attack describes a threat originating from inside the organization and is a threat source category, not a specific attack type that uniquely explains high network traffic.
- D. A virus infects files and can degrade performance, but it would not specifically manifest as increased network traffic in System Monitor without other supporting indicators.
Concept tested. Identifying DoS attack via network traffic symptoms
Topics
#DoS identification#network traffic anomaly#performance degradation analysis#database attacks
Community Discussion
No community discussion yet for this question.