Understanding Cisco Cybersecurity Fundamentals (SECFND, legacy) — Question 84

A user reports difficulties accessing certain external web pages. When examining traffic to and from the external domain in full packet captures, you notice many
SYNs that have the same sequence number, source, and destination IP address, but have different payloads. Which problem is a possible explanation of this situation?

Answer options

• A. insufficient network resources
• B. failure offull packet capture solution
• C. misconfiguration of web filter
• D. TCP injection

Correct answer: D

Explanation

The correct answer is D, TCP injection, as this attack involves sending packets with manipulated sequence numbers to disrupt the TCP connection. Option A, insufficient network resources, would not specifically cause identical sequence numbers. Option B, failure of full packet capture solution, does not explain why the SYNs have the same sequence number. Option C, misconfiguration of web filter, would not lead to the observed packet behavior either.