In the context of TCP-based DoS, which statement is true about half-open attacks and border firewalls?

Prepare for the Network Security Examination by mastering key concepts in cybersecurity. Utilize interactive questions and detailed explanations to enhance your knowledge. Excel in your exam with our comprehensive preparation resources!

Multiple Choice

In the context of TCP-based DoS, which statement is true about half-open attacks and border firewalls?

Explanation:
Half-open TCP attacks flood a server with incomplete handshakes (SYN requests that aren’t completed), which ties up memory and the backlog and can exhaust resources. A border firewall sits at the network edge and can cut this off before it reaches the target, using techniques like SYN cookies, rate-limiting, and dropping or throttling suspicious SYN packets. This kind of edge filtering provides protection without needing encryption and is relevant to services exposed to external networks, not just internal ones. So the statement about border firewalls mitigating half-open TCP DoS attacks is true.

Half-open TCP attacks flood a server with incomplete handshakes (SYN requests that aren’t completed), which ties up memory and the backlog and can exhaust resources. A border firewall sits at the network edge and can cut this off before it reaches the target, using techniques like SYN cookies, rate-limiting, and dropping or throttling suspicious SYN packets. This kind of edge filtering provides protection without needing encryption and is relevant to services exposed to external networks, not just internal ones. So the statement about border firewalls mitigating half-open TCP DoS attacks is true.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy