PrepAway - Latest Free Exam Questions & Answers

A distributed denial of service attack can BEST be described as:

A distributed denial of service attack can BEST be described as:

PrepAway - Latest Free Exam Questions & Answers

A.
Invalid characters being entered into a field in a database application.

B.
Users attempting to input random or invalid data into fields within a web browser application.

C.
Multiple computers attacking a single target in an organized attempt to deplete its resources.

D.
Multiple attackers attempting to gain elevated privileges on a target system.

Explanation:
A Distributed Denial of Service (DDoS) attack is an attack from several different computers targeting a
single computer.
One common method of attack involves saturating the target machine with external communications
requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered
essentially unavailable. Such attacks usually lead to a server overload.A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or
resources of a targeted system, usually one or more web servers. Such an attack is often the result of
multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a
server is overloaded with connections, new connections can no longer be accepted. The major
advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can
generate more attack traffic than one machine, multiple attack machines are harder to turn off than one
attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track
and shut down. These attacker advantages cause challenges for defense mechanisms. For example,
merely purchasing more incoming bandwidth than the current volume of the attack might not help,
because the attacker might be able to simply add more attack machines. This after all will end up
completely crashing a website for periods of time.
Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its
DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the
target IP address prior to release of the malware and no further interaction was necessary to launch the
attack.
Incorrect Answers:
A: Invalid characters being entered into a field in a database application does not describe a DDoS attack.
B: Users attempting to input random or invalid data into fields within a web browser application does not
describe a DDoS attack.
D: Multiple attackers attempting to gain elevated privileges on a target system does not describe a DDoS
attack. In “distributed denial-of-service”, distributed means multiple computers, not multiple attackers.

http://en.wikipedia.org/wiki/Denial-of-service_attack


Leave a Reply