Henry is an attacker and wants to gain control of a system and use it to flood a target system with requests, so as to prevent legitimate users from gaining access. What type of attack is Henry using?
A.
Henry is using a denial of service attack which is a valid threat used by an attacker
B.
Henry uses poorly designed input validation routines to create or alter commands to gain access to unintended data or execute commands
C.
Henry is executing commands or viewing data outside the intended target path
D.
Henry is taking advantage of an incorrect configuration that leads to access with higher-than-expected privilege
Explanation:
Henry’s intention is to perform a DoS attack against his target, possibly a DDoS attack. He uses systems other than his own to perform the attack in order to cover the tracks back to him and to get more “punch” in the DoS attack if he uses multiple systems.
Correct answer is A