CompTIA Security+ (SY0-701) — Question 95

A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

Answer options

• A. Concurrent session usage
• B. Secure DNS cryptographic downgrade
• C. On-path resource consumption
• D. Reflected denial of service

Correct answer: D

Explanation

The correct answer is D, as the scenario describes a reflected denial of service attack where the DNS server is overwhelmed with traffic that is not the result of legitimate queries. The other options do not accurately describe the situation; concurrent session usage (A) pertains to active connections, secure DNS cryptographic downgrade (B) involves vulnerabilities in DNS security, and on-path resource consumption (C) would imply the resources are being used by legitimate traffic rather than a flood of malicious requests.