Exam 312-50v13 topic 1 question 83 discussion

The attack uses slow, incomplete HTTP requests to exhaust server resources at the application layer — a clear sign of a: ✅ Slowloris attack (Option B).

Slowloris is the correct answer.

Correct: B Slowloris tries to keep many connections to the target web server open and hold them open as long as possible. It accomplishes this by opening connections to the target web server and sending a partial request. Periodically, it will send subsequent HTTP headers, adding to, but never completing, the request. Affected servers will keep these connections open, filling their maximum concurrent connection pool. Incorrect: Phlashing = attack when an attacker bricks a device or destroys firmware, rendering the device or an entire system useless. Exploit vulnerabilities and replace a device’s basic software with a corrupt firmware image. (kind of Permanent DoS - PDoS) Session splicing - IDS/IPS evasion technique - different to fragmentation as it concerns sending just the HTTP payload of the data in chunks with the sole purpose of preventing a Raw Analysis Network ID System from successfully detecting a string matc A simple way of splitting packets is by fragmenting them, but an adversary can also simply craft packets with small payloads.[1] The 'whisker' evasion tool calls crafting packets with small payloads 'session splicing'.