Which attack floods the server by sending a high volume of SYN-ACK packets in response to client SYNs, attempting to exhaust resources during the handshake?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack floods the server by sending a high volume of SYN-ACK packets in response to client SYNs, attempting to exhaust resources during the handshake?

Explanation:
The concept being tested is how resources are consumed during the TCP handshake. When a client sends a SYN, the server must allocate state and respond with a SYN-ACK while waiting for the final ACK. Flooding the server with a high volume of SYN-ACK responses in reaction to incoming SYNs drives the target to generate many handshake responses, consuming CPU, memory, and backlog queue space. This type of activity is known as a SYN-ACK flood attack, because the attack overwhelms the server by inundating it with synchronization-acknowledgment packets during the handshake. The other options describe different attack vectors—an HTTP POST attack targets application data, while a spoofed-ACK session flood disrupts established sessions rather than the handshake itself.

The concept being tested is how resources are consumed during the TCP handshake. When a client sends a SYN, the server must allocate state and respond with a SYN-ACK while waiting for the final ACK. Flooding the server with a high volume of SYN-ACK responses in reaction to incoming SYNs drives the target to generate many handshake responses, consuming CPU, memory, and backlog queue space. This type of activity is known as a SYN-ACK flood attack, because the attack overwhelms the server by inundating it with synchronization-acknowledgment packets during the handshake. The other options describe different attack vectors—an HTTP POST attack targets application data, while a spoofed-ACK session flood disrupts established sessions rather than the handshake itself.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy