Exam SY0-701
Question 178

A systems administrator is advised that an external web server is not functioning properly. The administrator reviews the following firewall logs containing traffic going to the web server:

Which of the following attacks is likely occurring?

    Correct Answer: A

    The presence of multiple SYN packets from different source IP addresses to the same destination IP address and port (443) indicates a possible Distributed Denial of Service (DDoS) attack. This pattern suggests an attempt to overload the web server with connection requests, a common characteristic of a SYN flood, which is a type of DDoS attack. Unlike other options such as directory traversal, brute-force, or HTTPS downgrade, the repetitive SYN requests from various sources align specifically with the behavior of a DDoS attack.
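The pattern the explanation describes (many SYNs from different sources to one destination and port, with few handshakes completed) can be checked mechanically. The following is an added example, not part of the original page; the log format, the sample lines, the function names and the thresholds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in a hypothetical log format (not the log from the question):
# <epoch> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <flag>
SAMPLE_LOG = """\
1700000000 198.51.100.7:40001 -> 203.0.113.10:443 SYN
1700000000 198.51.100.7:40001 -> 203.0.113.10:443 ACK
1700000001 192.0.2.11:51515 -> 203.0.113.10:443 SYN
1700000001 192.0.2.48:49213 -> 203.0.113.10:443 SYN
1700000001 192.0.2.93:60222 -> 203.0.113.10:443 SYN
1700000002 192.0.2.140:35001 -> 203.0.113.10:443 SYN
1700000002 192.0.2.201:44100 -> 203.0.113.10:443 SYN
1700000002 198.51.100.9:40777 -> 203.0.113.10:22 SYN
1700000002 198.51.100.9:40777 -> 203.0.113.10:22 ACK
"""
LINE_RE = re.compile(r"^\d+ (\S+):(\d+) -> (\S+):(\d+) (SYN|ACK)$")

def parse(log_text):
    """Return (src, sport, dst, dport, flag) tuples; unparseable lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            src, sport, dst, dport, flag = m.groups()
            events.append((src, int(sport), dst, int(dport), flag))
    return events

def detect_syn_flood(events, min_sources=5, max_completion_ratio=0.2):
    """Flag targets where many distinct sources send SYN and few finish the handshake."""
    syns = defaultdict(set)   # (dst, dport) -> client endpoints that sent SYN
    acked = defaultdict(set)  # (dst, dport) -> client endpoints that later sent ACK
    for src, sport, dst, dport, flag in events:
        target, client = (dst, dport), (src, sport)
        if flag == "SYN":
            syns[target].add(client)
        elif client in syns[target]:
            acked[target].add(client)
    alerts = []
    for target, clients in syns.items():
        half_open = clients - acked[target]
        sources = {src for src, _ in half_open}
        ratio = len(acked[target]) / len(clients)
        if len(sources) >= min_sources and ratio <= max_completion_ratio:
            alerts.append({"target": target, "half_open": len(half_open),
                           "distinct_sources": len(sources)})
    return alerts

if __name__ == "__main__":
    print(detect_syn_flood(parse(SAMPLE_LOG)))
```

On the sample, only port 443 is flagged: five sources leave half-open connections there, while the single SSH connection completes its handshake.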

Discussion
MAKOhunter33333333 Option: A

DDoS via SYN attack

ezmoney Option: A

All of those SYN messages prove this is a DDoS attack.

Shaman73 Option: A

A. DDoS