Which DDoS attack floods the target with a large number of SYN requests containing spoofed source IPs, exhausting half-open connections?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which DDoS attack floods the target with a large number of SYN requests containing spoofed source IPs, exhausting half-open connections?

Explanation:
Understanding how a TCP SYN flood abuses the TCP handshake to exhaust server resources. In this attack, a flood of SYN packets is sent to the target, often with spoofed source IPs. Each SYN prompts the server to allocate state and respond with a SYN-ACK, waiting for the final ACK that never arrives because the sources are spoofed. The result is many half-open connections filling the backlog, preventing legitimate clients from completing the handshake and establishing new connections. This is the hallmark of a SYN Flood Attack. Why the other options don’t fit: flooding with SYN-ACKs targets the response path rather than initiating new half-open connections; an HTTP GET attack floods the application layer with requests, not the TCP handshake state; a fragmentation attack exploits packet fragmentation to strain reassembly or bypass filters, not to exhaust TCP connection state.

Understanding how a TCP SYN flood abuses the TCP handshake to exhaust server resources. In this attack, a flood of SYN packets is sent to the target, often with spoofed source IPs. Each SYN prompts the server to allocate state and respond with a SYN-ACK, waiting for the final ACK that never arrives because the sources are spoofed. The result is many half-open connections filling the backlog, preventing legitimate clients from completing the handshake and establishing new connections. This is the hallmark of a SYN Flood Attack.

Why the other options don’t fit: flooding with SYN-ACKs targets the response path rather than initiating new half-open connections; an HTTP GET attack floods the application layer with requests, not the TCP handshake state; a fragmentation attack exploits packet fragmentation to strain reassembly or bypass filters, not to exhaust TCP connection state.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy