SANS SEC504: Hacker Tools, Techniques and Incident Handling — Question 30

You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic. What is this most likely to be an indicator of?

Answer options

• A. Virus
• B. Syn flood
• C. Misconfigured router
• D. DoS attack

Correct answer: D

Explanation

A sudden rise in broadcast traffic is typically indicative of a Denial of Service (DoS) attack, as attackers often flood the network with excessive requests. While a virus could also cause increased traffic, the specific nature of broadcast traffic typically aligns more closely with a DoS scenario. A syn flood specifically targets TCP connections, and a misconfigured router would generally produce different symptoms.