Which DDoS attack floods the target with spoofed ACK and PUSH ACK packets, rendering the system non-functional?

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which DDoS attack floods the target with spoofed ACK and PUSH ACK packets, rendering the system non-functional?

Explanation:
The attack described targets the transport layer by flooding the target with spoofed TCP control packets, specifically ACK and PSH-ACK packets, to exhaust the device’s connection-state resources. In TCP, the server keeps state for each active or half-open connection. When a flood of ACK and PSH-ACK packets arrives, the server must process and track these packets, allocate memory for potential connections, and sometimes generate responses. Because the packets can be spoofed, responses go to forged addresses, yet the attacker’s flood still ties up CPU, memory, and network bandwidth. This relentless consumption can render the service unusable for legitimate users.

This option is the best fit because it directly describes a TCP-based flood using spoofed control packets (ACK and PSH-ACK) that overwhelms the target, rather than an application-layer flood like HTTP GET or POST requests. While other answers mention spoofed ACKs or generic session floods, the inclusion of PUSH ACK (PSH-ACK) packets in the description aligns with the specific mechanism of flooding transport-layer state.
