Which attack includes multiple methods to target a service at the application layer and beyond?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack includes multiple methods to target a service at the application layer and beyond?

Explanation:
Multi-vector DDoS attacks are designed to overwhelm a service by using several different methods at once, hitting multiple layers of the stack. This means combining techniques that exhaust network capacity, protocol handling, and application resources. By targeting the service at the application layer (Layer 7) and beyond, these attacks can overwhelm the web server with page requests while also consuming bandwidth, connection tables, or intermediate devices, making mitigation much harder because multiple signals must be filtered or blocked simultaneously. For example, an attacker might flood bandwidth with volumetric traffic while also sending slow, resource-intensive requests to keep connections open and tie up server threads, alongside a separate attack that targets DNS or other infrastructure. This layered, multi-pronged approach is what defines a multi-vector DDoS. In contrast, a GET flood focuses on a single application-layer method—overwhelming the server with HTTP GET requests. PDoS refers to damaging hardware or firmware to render devices unusable, not a coordinated set of application-layer and network methods. Slowloris is a single-vector attack that opens many slow HTTP connections to exhaust a web server’s resources.

Multi-vector DDoS attacks are designed to overwhelm a service by using several different methods at once, hitting multiple layers of the stack. This means combining techniques that exhaust network capacity, protocol handling, and application resources. By targeting the service at the application layer (Layer 7) and beyond, these attacks can overwhelm the web server with page requests while also consuming bandwidth, connection tables, or intermediate devices, making mitigation much harder because multiple signals must be filtered or blocked simultaneously.

For example, an attacker might flood bandwidth with volumetric traffic while also sending slow, resource-intensive requests to keep connections open and tie up server threads, alongside a separate attack that targets DNS or other infrastructure. This layered, multi-pronged approach is what defines a multi-vector DDoS.

In contrast, a GET flood focuses on a single application-layer method—overwhelming the server with HTTP GET requests. PDoS refers to damaging hardware or firmware to render devices unusable, not a coordinated set of application-layer and network methods. Slowloris is a single-vector attack that opens many slow HTTP connections to exhaust a web server’s resources.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy