CPMAD can be configured to monitor successive multiple connections. What is it trying to prevent
when it does this?
A.
A land attack
B.
A possible denial of service attack
C.
Port scanning
D.
Spoofing
Explanation:
: When CPMAD (Checkpoint Malicious Activity Detector) monitor multiple successive
connections, its obviously trying to prevent a DoS attack, this is because DoS attacks usually
come with a great number of connections to the server being attacked, we can take the example
of a SynFlood that in the attack never completes the third step of the 3 way TCP handshake, itnever sends the ACK, this makes the attacked server to allocate memory to connections that will
never be completed, with thousands of this uncompleted connections the protocol stack at the
server gets an overflow and crash the O.S.