29 Oct Practice Question: Network Attack Types
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Greg recently detected a system on his network that occasionally begins sending streams of TCP SYN packets to port 80 at a single IP address for several hours and then stops. It later resumes, but directs the packets at a different address. What type of attack is taking place?
A. Port scanning
B. IP scanning
C. SQL injection
Correct Answer: D.
This is a clear example of a distributed denial of service (DDoS) attack. The system is flooding the target with connection requests, hoping to overwhelm it. The port and IP address are not changing, so this is not indicative of a scanning attack. There is no indication that the connection is completed, so it cannot be a SQL injection attack.