What is called an attack in which an attacker floods a system with connection requests but does not respond
when the target system replies to those requests?
A.
Ping of death attack
B.
SYN attack
C.
Smurf attack
D.
Buffer overflow attack
Explanation:
A SYN flood DoS attack where an attacker sends a succession of SYN packets with the goal of overwhelming
the victim system so that it is unresponsive to legitimate traffic.
Incorrect Answers:
A: The Ping of Death attack is based upon the use of oversized ICMP packets. It is not based on flooding the
system with connection requests.
C: In a smurf attack the attacker sends an ICMP ECHO REQUEST packet, not a connection request, with a
spoofed source address to a victim’s network broadcast address.
D: In Buffer overflow attack is an anomaly where a program, while writing data to a buffer (not sending
connection requests), overruns the buffer’s boundary and overwrites adjacent memory locations.
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 549