Systems Security Certified Practitioner – SSCP – Question0860

What is called an attack where the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets?

A.
SYN Flood attack
B. Smurf attack
C. Ping of Death attack
D. Denial of Service (DOS) attack

Correct Answer: B

Explanation:

Although it may cause a denial of service to the victim’s system, this type of attack is a Smurf attack. A SYN Flood attack uses up all of a system’s resources by setting up a number of bogus communication sockets on the victim’s system. A Ping of Death attack is done by sending IP packets that exceed the maximum legal length (65535 octets). Source: HARRIS, Shon, All-In-One CISSP Certification Exam Guide, McGraw-Hill/Osborne, 2002, chapter 11: Application and System Development (page 789).