PrepAway - Latest Free Exam Questions & Answers

What is called an attack where the attacker spoofs the …

What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet
so it seems to have originated at the victim’s system, in order to flood it with REPLY packets?

PrepAway - Latest Free Exam Questions & Answers

A.
SYN Flood attack

B.
Smurf attack

C.
Ping of Death attack

D.
Denial of Service (DoS) attack

Explanation:
In a Smurf attack the attacker sends an ICMP ECHO REQUEST packet with a spoofed source address to a
victim’s network broadcast address. This means that each system on the victim’s subnet receives an ICMP
ECHO REQUEST packet. Each system then replies to that request with an ICMP ECHO REPLY packet to the
spoof address provided in the packets—which is the victim’s address.
Incorrect Answers:A: A Syn flood attack does not involve spoofing and ICMP ECHO broadcasts. A SYN flood is a form of denialof-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to
consume enough server resources to make the system unresponsive to legitimate traffic.
C: A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise
malicious ping to a computer. It could cause a buffer overflow, but it does not involve ICMP ECHO broadcast
packets
D: A DoS attack does not use spoofing or ICMP ECHO broadcasts. In a DoS attack the attacker sends a
succession of SYN requests to a target’s system in an attempt to consume enough server resources to make
the system unresponsive to legitimate traffic.

Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 587


Leave a Reply