A DoS attack that uses TCP flags is called a ________ attack.

Prepare for the Network Security Examination by mastering key concepts in cybersecurity. Utilize interactive questions and detailed explanations to enhance your knowledge. Excel in your exam with our comprehensive preparation resources!

Multiple Choice

A DoS attack that uses TCP flags is called a ________ attack.

Explanation:
The idea tested is that this type of DoS floods the server by exploiting the TCP three-way handshake, leaving connections in an unfinished state. In a half-open attack, the attacker sends many SYN packets to start new connections, often with spoofed IPs. The server allocates resources and replies with SYN-ACK, but the final ACK from the client never arrives, so those connections stay half-open. Those half-open states consume server resources (memory and backlog entries), eventually preventing legitimate users from establishing connections. That’s why this is called a half-open attack—the connection is initiated but never completed. The term half-close isn’t used for this kind of attack, and the option suggesting both or neither doesn’t apply here.

The idea tested is that this type of DoS floods the server by exploiting the TCP three-way handshake, leaving connections in an unfinished state. In a half-open attack, the attacker sends many SYN packets to start new connections, often with spoofed IPs. The server allocates resources and replies with SYN-ACK, but the final ACK from the client never arrives, so those connections stay half-open. Those half-open states consume server resources (memory and backlog entries), eventually preventing legitimate users from establishing connections. That’s why this is called a half-open attack—the connection is initiated but never completed.

The term half-close isn’t used for this kind of attack, and the option suggesting both or neither doesn’t apply here.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy