Question 1
Which of the following statements about DoS attacks is correct? Select all that apply only 2 answers are correct.
1. Source address spoofing is commonly used in DoS attacks to hide attacker's identity.
2. Ingress filtering on routers near the target system could be used as countermeasure against source address spoofing.
3. SYN spoofing attack aims at overloading the network capacity on the link to a server by generating a large number of SYN connection requests with forged source addresses.
4. Ping of death attack sends malformed packets using ping command with spoofed source address
Answer)
2. Ingress filtering on routers near the target system could be used as countermeasure against source address spoofing.
4. Ping of death attack sends malformed packets using ping command with spoofed source address
The first option is incorrect as source address spoofing is commonly used in DDoS attacks and not in DoS attacks.
The second option is correct as ingress filtering is used to ensure that incoming packets are actually from the networks from which they claim to originate. This is used as a countermeasure against various spoofing attacks where the attacker's packets contain fake IP addresses to make it difficult to find the source of the attack.
Ping of Deathis a type of DoS attack in which an attacker attempts to destabalise the targeted computer by sending malformed or oversized packets using a simple ping command.Hence the fourth option is also correct.
Question 1 Which of the following statements about DoS attacks is correct? Select all that apply...
Question 1 Which of the following statements about DDoS, reflector, and amplifier attacks is correct? Select all that apply only 3 answers are correct. 1. DDoS attacks often include a network of compromised systems to form a botnet. 2. In reflector attacks, intermediary systems are often chosen to be high-capacity servers to generate high volume of response packets. 3. Both reflector and amplifier attacks require intermediaries with a spoofed source address of the attacker's machine. 4. Common services used in...