Which attack spoofs the victim's IP address and sends a large number of ICMP ECHO requests to an IP broadcast network, amplifying traffic?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack spoofs the victim's IP address and sends a large number of ICMP ECHO requests to an IP broadcast network, amplifying traffic?

Explanation:
This attack hinges on spoofing the source IP and abusing a broadcast network to multiply ICMP responses toward the victim. The attacker sends ICMP Echo Request packets to a network’s broadcast address while disguising the source as the victim’s IP. Every host on that broadcast domain replies to the spoofed address, causing a flood of ICMP Echo Replies directed at the victim. The result is a large amplification of traffic aimed at the victim, which is characteristic of a Smurf attack. Modern defenses counter this by disabling IP-directed broadcasts on routers, implementing anti-spoofing measures to prevent forged source addresses, enabling ICMP rate limiting, and configuring hosts not to respond to broadcast pings. The other options describe different issues: a Ping of Death involves oversized packets; a UDP flood targets UDP services rather than ICMP; a generic ICMP flood doesn’t rely on broadcast amplification.

