Which type of attack exhausts resources in network infrastructure devices by consuming connection state tables on devices like load balancers, firewalls, and application servers?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which type of attack exhausts resources in network infrastructure devices by consuming connection state tables on devices like load balancers, firewalls, and application servers?

Explanation:
Exhausting resources by forcing a device to maintain and track many connections is a protocol-level form of resource exhaustion. Load balancers, firewalls, and application servers keep per-connection state to enforce rules, route traffic, and apply policies. When an attacker sends a flood of connection attempts or malformed protocol messages, the device has to allocate a state entry for each one. As these entries accumulate, they consume memory and processing power, and the state table can fill up. Once that table is full, new legitimate connections can’t be established and existing ones may be dropped, causing service disruption.

This behavior is the hallmark of a protocol attack, because it works by exploiting how protocol state is managed rather than merely flooding bandwidth or abusing a specific protocol’s payload. ICMP flood and Smurf attacks focus more on overwhelming bandwidth or abusing ICMP-based amplification, not on state-table exhaustion. Although the generic term DoS also covers service disruption, the mechanism described, consuming connection state entries, fits the protocol attack category best.
