Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Eccouncil Discussions

Exam 312-49v10 topic 1 question 679 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 679
Topic #: 1
[All 312-49v10 Questions]

Recently, an internal web app that a government agency utilizes has become unresponsive. Betty, a network engineer for the government agency, has been tasked to determine the cause of the web application's unresponsiveness. Betty launches Wireshark and begins capturing the traffic on the local network. While analyzing the results, Betty noticed that a syn flood attack was underway. How did Betty know a syn flood attack was occurring?

  • A. Wireshark capture does not show anything unusual and the issue is related to the web application
  • B. Wireshark capture shows multiple ACK requests and SYN responses from single/multiple IP address(es)
  • C. Wireshark capture shows multiple SYN requests and RST responses from single/multiple IP address(es)
  • D. Wireshark capture shows multiple SYN requests and ACK responses from single/multiple IP address(es)
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by 581777a at Aug. 23, 2023, 9:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Elb
2 weeks, 1 day ago
Selected Answer: C
https://kb.mazebolt.com/knowledgebase/rst-syn-flood/
upvoted 1 times
...
581777a
8 months, 2 weeks ago
Selected Answer: C
C. Wireshark capture shows multiple SYN requests and RST responses from single/multiple IP address(es) In a SYN flood attack, the attacker sends a large number of SYN (synchronization) requests to a target server, often with spoofed IP addresses, in an attempt to overwhelm the server's resources and cause it to become unresponsive. When analyzing traffic using Wireshark, you might notice multiple SYN requests followed by RST (reset) responses. This is because the target server sends RST responses to the incoming SYN requests to indicate that it is not able to establish a full connection due to the flood of incoming SYN requests. This behavior is a characteristic sign of a SYN flood attack.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel