Which of the following types of attacks is targeting a Web server with multiple compromised
computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP
addresses?
A.
DDoS attack
B.
Evasion attack
C.
Insertion attack
D.
Dictionary attack
Explanation:
A distributed denial of service (DDoS) attack targets a Web server with multiple
compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP
source IP addresses. DDoS attack occurs when multiple compromised systems flood the
bandwidth or resources of a targeted system, usually one or more Web servers. These systems
are compromised by attackers using a variety of methods. It is an attempt to make a computer
resource unavailable to its intended users. This type of attack can cause the following to occur:
Saturate network resources. Disrupt connections between two computers, thereby preventing
incorrect. Dictionary attack is a type of password guessing attack. This type of attack uses a
dictionary of common words to find out the password of a user. It can also use common words in
either upper or lower case to find a password. There are many programs available on the Internet
accepts a packet and assumes that the host computer will also accept it. But in reality, when a
host system rejects the packet, the IDS accepts the attacking string that will exploit vulnerabilities
incorrect. An evasion attack is one in which an IDS rejects a malicious packet but the host
computer accepts it. Since an IDS has rejected it, it does not check the contents of the packet.
Hence, using this technique, an attacker can exploit the host computer. In many cases, it is quite
simple for an attacker to send such data packets that can easily perform evasion attacks on an
IDSs.