ISC2 Exam CSSLP Topic 9 Question 9 Discussion

Teardrop is an attack with IP fragments that cannot be reassembled. In this attack, corrupt packets are sent to the victim's computer by using

IP's packet fragmentation algorithm. As a result of this attack, the victim's computer might hang.

Answer D is incorrect. Smurf is an ICMP attack that involves spoofing and flooding.

Answer C is incorrect. Dictionary attack is a type of password guessing attack. This type of attack uses a dictionary of common words to

find out the password of a user. It can also use common words in either upper or lower case to find a password. There are many programs

available on the Internet to automate and execute dictionary attacks.

Answer A is incorrect. A password guessing attack occurs when an unauthorized user tries to log on repeatedly to a computer or

network by guessing usernames and passwords. Many password guessing programs that attempt to break passwords are available on the

Internet. Following are the types of password guessing attacks:

Brute force attack

Dictionary attack