Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) — Question 268

After a large influx of network traffic to externally facing devices, a security engineer begins investigating what appears to be a denial of service attack. When the packet capture data is reviewed, the engineer notices that the traffic is a single SYN packet to each port. Which type of attack is occurring?

Answer options

• A. traffic fragmentation
• B. port scanning
• C. host profiling
• D. SYN flood

Correct answer: B

Explanation

The correct answer is B, as port scanning involves sending packets to multiple ports to determine which ones are open or responsive. In contrast, a SYN flood attack would typically involve sending multiple SYN packets to overwhelm a target, while traffic fragmentation and host profiling do not accurately describe the scenario presented by the single SYN packet to each port.