CompTIA PenTest+ (PT0-003) — Question 151

A penetration tester wants to attack a server, exhausting its resources and making it unavailable to legitimate users. Which of the following attacks would be best to achieve this result?

Answer options

• A. IP spoofing
• B. TCP hijacking
• C. Port redirection
• D. SYN flooding

Correct answer: D

Explanation

The correct answer is D, SYN flooding, as it specifically targets the TCP handshake process to overwhelm the server with connection requests, exhausting its resources. The other options, while potentially harmful, do not directly focus on resource depletion or server unavailability in the same manner as a SYN flood does.