ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 385 discussion

Actual exam question from Cisco's 200-201
Question #: 385
Topic #: 1
[All 200-201 Questions]



Refer to the exhibit. What is occurring in this network traffic?

  • A. legitimate network traffic
  • B. flood of SYN-ACK packets
  • C. ICMP flood
  • D. flood of SYN packets
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by mgo28404 at Jan. 19, 2025, 7:48 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mgo28404
5 months ago
Selected Answer: D
The correct answer is: D. Flood of SYN packets Why ? : From the exhibit: The traffic shows multiple TCP SYN packets with the [SYN] flag being set, originating from various source IP addresses to port 443 (HTTPS) on the destination. SYN packets are used during the initial handshake of a TCP connection. A flood of such packets is indicative of a SYN flood attack, which is a type of DoS (Denial-of-Service) attack that overwhelms the target with incomplete TCP handshakes. There is no corresponding SYN-ACK or ACK traffic, indicating that the handshake is not being completed. While ICMP echo requests and replies are present, they do not indicate an ICMP flood (option C) since the volume is low and consistent with normal ping traffic.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel