CompTIA CASP+ (CAS-003) — Question 333

An employee decides to log into an authorized system. The system does not prompt the employee for authentication prior to granting access to the console, and it cannot authenticate the network resources. Which of the following attack types can this lead to if it is not mitigated?

Answer options

• A. Memory leak
• B. Race condition
• C. Smurf
• D. Deadlock

Correct answer: C

Explanation

The correct answer is C, Smurf, as this type of attack exploits a lack of authentication and can lead to unauthorized access and amplification of traffic. Options A, B, and D refer to different issues unrelated to authentication vulnerabilities: a memory leak pertains to memory management, a race condition involves timing issues in processes, and a deadlock is about processes waiting indefinitely for resources.