New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CSSLP Exam - Topic 4 Question 106 Discussion

Actual exam question for ISC2's CSSLP exam
Question #: 106
Topic #: 4
[All CSSLP Questions]

Which of the following types of signatures is used in an Intrusion Detection System to trigger on attacks that attempt to reduce the level of a resource or system, or to cause it to crash?

Show Suggested Answer Hide Answer
Suggested Answer: C

Following are the basic categories of signatures:

Informational (benign): These types of signatures trigger on normal network activity. For example:

ICMP echo requests

The opening or closing of TCP or UDP connections

Reconnaissance: These types of signatures trigger on attacks that uncover resources and hosts that are reachable, as well as any

possible vulnerabilities that they might contain. For example:

Reconnaissance attacks include ping sweeps

DNS queries

Port scanning

Access: These types of signatures trigger on access attacks, which include unauthorized access, unauthorized escalation of privileges,

and access to protected or sensitive data. For example:

Back Orifice

A Unicode attack against the Microsoft IIS

NetBus

DoS: These types of signatures trigger on attacks that attempt to reduce the level of a resource or system, or to cause it to crash. For

example:

TCP SYN floods

The Ping of Death

Smurf

Fraggle

Trinoo

Tribe Flood Network


by Alfred at Nov 23, 2025, 03:19 PM

Limited Time Offer

25%

Off

Get Premium CSSLP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tanja
12 hours ago
Really? I’m surprised it’s not A) Access, that seems more fitting.
upvoted 0 times
...
Ozell
6 days ago
C) DoS makes the most sense, totally agree!
upvoted 0 times
...
Ruth
11 days ago
No way, I thought Reconnaissance was the answer!
upvoted 0 times
...
Tawna
16 days ago
I thought it was A) Access, but now I see the point.
upvoted 0 times
...
Ma
21 days ago
Haha, DoS attacks? More like "Denial of Service" to my sanity! C is the way to go.
upvoted 0 times
...
Vinnie
26 days ago
C) DoS, no doubt. Wouldn't want my system to crash and burn because of some malicious activity.
upvoted 0 times
...
Carylon
1 month ago
I'm going with C. Gotta watch out for those pesky DoS attacks, am I right?
upvoted 0 times
...
Joana
1 month ago
Definitely C. DoS attacks are the bane of every IT admin's existence.
upvoted 0 times
...
Dewitt
1 month ago
I’m a bit confused; I thought reconnaissance was more about gathering information rather than crashing systems. So, I guess it’s not D).
upvoted 0 times
...
Jodi
2 months ago
I feel like I've seen a similar question before, and I think it was about identifying attack types. C) DoS seems to fit best.
upvoted 0 times
...
Svetlana
2 months ago
I'm not entirely sure, but I remember something about access signatures being related to permissions. Could it be A)?
upvoted 0 times
...
Ira
2 months ago
Ugh, I'm a little confused on the differences between the signature types. I know DoS attacks are trying to disrupt the system, but I'm not totally sure how that maps to the options here. I'll have to think it through carefully.
upvoted 0 times
...
Sharan
2 months ago
C) DoS is the correct answer. Intrusion Detection Systems use DoS signatures to detect attacks that attempt to reduce system resources or cause a crash.
upvoted 0 times
...
Charlena
2 months ago
I think the answer might be C) DoS since it relates to denial of service attacks that aim to crash systems.
upvoted 0 times
...
Elvera
2 months ago
Definitely C) DoS, that's the classic one for resource attacks.
upvoted 0 times
...
Verda
3 months ago
Okay, I've got a strategy here. I'm going to eliminate the options that I know aren't related to DoS attacks, then focus in on C and see if that makes the most sense. Gotta use the process of elimination on this one.
upvoted 0 times
...
Anabel
3 months ago
Alright, I've got this. DoS attacks are all about overwhelming a system or resource, so the signature type that would be used to detect those kinds of attacks has to be C. I'm feeling confident about this one.
upvoted 0 times
...
Loren
3 months ago
Okay, let me see here. I know that DoS attacks are designed to reduce system resources or cause a crash, so that's the key thing I need to focus on. I'm pretty sure the answer is C, but I'll double-check the other options just to be sure.
upvoted 0 times
...
Marshall
3 months ago
Hmm, this seems like it could be a tricky one. I'll need to think carefully about the different types of signatures and which one is specifically used for DoS attacks.
upvoted 0 times
...

Save Cancel