CompTIA Security+ 2021 SY0-601: Identify and Mitigate Distributed Denial of Service

Learn about DDoS attacks, how to identify them by analyzing network traffic patterns, and effective mitigation strategies to protect your network infrastructure.

Question

A security analyst notices an unusual amount of traffic hitting the edge of the network. Upon examining the logs, the analyst identifies a source IP address and blocks that address from communicating with the network. Even though the analyst is blocking this address, the attack is still ongoing and coming from a large number of different source IP addresses. Which of the following describes this type of attack?

A. DDoS
B. Privilege escalation
C. DNS poisoning
D. Buffer overflow

Answer

A. DDoS

Explanation

A Distributed Denial of Service (DDoS) attack is characterized by a large volume of traffic originating from multiple source IP addresses, overwhelming the target network or system. In this scenario, despite blocking the initially identified malicious IP address, the attack persists due to its distributed nature. The attacker is utilizing numerous compromised devices or a botnet to generate traffic from a wide range of IP addresses, making it difficult to block each individual source. This coordinated flood of requests aims to exhaust network resources and disrupt normal operations. Key indicators of a DDoS attack include a sudden surge in traffic from diverse sources and the ineffectiveness of blocking individual IP addresses in mitigating the attack.
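An added example, not part of the original question bank, that shows the indicator described above on constructed firewall log lines: per-minute request volume and distinct-source count, and why dropping one blocked address clears a single-source burst but leaves a distributed flood above threshold. The log format, the addresses (documentation ranges) and the thresholds are assumptions.

```python
from collections import Counter

# Constructed edge-firewall log lines in a hypothetical "<ISO timestamp> <source IP> <request>"
# format; the addresses are documentation ranges, not real traffic.
BASELINE = [f"2024-05-01T10:00:{s:02d}Z 192.0.2.{1 + s % 3} GET /" for s in range(0, 60, 10)]
FLOOD = ([f"2024-05-01T10:01:{s:02d}Z 203.0.113.{1 + s % 40} GET /" for s in range(60)]
         + [f"2024-05-01T10:01:{s:02d}Z 198.51.100.{1 + s % 40} GET /" for s in range(60)])
SINGLE = [f"2024-05-01T10:02:{s:02d}Z 192.0.2.99 GET /" for s in range(40)]
SAMPLE_LOG = BASELINE + FLOOD + SINGLE


def parse(lines):
    """Return (minute bucket, source IP) pairs; the bucket is the timestamp cut at minutes."""
    events = []
    for line in lines:
        ts, src, _request = line.split(" ", 2)
        events.append((ts[:16], src))
    return events


def profile(events):
    """Per-minute request count and number of distinct source IPs."""
    hits, sources = Counter(), {}
    for minute, src in events:
        hits[minute] += 1
        sources.setdefault(minute, set()).add(src)
    return {m: (hits[m], len(sources[m])) for m in hits}


def classify(events, rate_threshold, blocked=()):
    """Flag minutes whose request rate still exceeds the threshold after the
    blocked IPs are dropped. A flagged minute is 'distributed' when the busiest
    source contributes under 10% of it, otherwise 'single-source'."""
    remaining = [(m, s) for m, s in events if s not in blocked]
    per_source = Counter(remaining)          # (minute, src) -> hits
    verdict = {}
    for minute, (count, _distinct) in profile(remaining).items():
        if count > rate_threshold:
            busiest = max(n for (m, _s), n in per_source.items() if m == minute)
            verdict[minute] = "distributed" if busiest / count < 0.1 else "single-source"
    return verdict


if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print(profile(events))
    print(classify(events, rate_threshold=30))
    # Blocking the loudest sources clears the single-source minute but not the flood.
    print(classify(events, rate_threshold=30, blocked=("192.0.2.99", "203.0.113.1")))
```

In the constructed data the 10:01 minute stays flagged as distributed after the block list is applied, which is the pattern the scenario describes: per-IP blocking alone does not reduce the load, so mitigation has to move to rate limiting, upstream filtering or scrubbing rather than chasing individual addresses.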
