Which router feature protects TCP servers from a TCP SYN-flooding attack?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which router feature protects TCP servers from a TCP SYN-flooding attack?

Explanation:
A key defense concept here is reducing how many half-open TCP connections a server has to handle during a flood. A router feature that does this works as a TCP proxy in front of the protected server. It intercepts incoming SYNs, completes the handshake with the client itself, and then forwards a controlled connection to the real server (or handles the handshake on behalf of the server). By doing so, it absorbs the burden of the flood and enforces connection limits, preventing the server from becoming overwhelmed. This mechanism is known as TCP Intercept. The other options are not about protecting a server from a SYN flood: HOIC and LOIC are attack tools used to generate traffic, not defenses, and Wavelet-Based Signal Analysis is a technique for analyzing signals, not a router feature for mitigating SYN floods.

A key defense concept here is reducing how many half-open TCP connections a server has to handle during a flood. A router feature that does this works as a TCP proxy in front of the protected server. It intercepts incoming SYNs, completes the handshake with the client itself, and then forwards a controlled connection to the real server (or handles the handshake on behalf of the server). By doing so, it absorbs the burden of the flood and enforces connection limits, preventing the server from becoming overwhelmed. This mechanism is known as TCP Intercept.

The other options are not about protecting a server from a SYN flood: HOIC and LOIC are attack tools used to generate traffic, not defenses, and Wavelet-Based Signal Analysis is a technique for analyzing signals, not a router feature for mitigating SYN floods.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy