What phase of the TCP communication process is attacked during a TCP SYN flood attack?
- three-way handshake
- connection established
- connection closed
- connection reset
| Explanation & Hint:
A TCP SYN flood attack targets the three-way handshake phase of the TCP communication process. This attack involves an attacker sending a flood of TCP/SYN packets, often with a spoofed source IP address, to the target’s port. The server responds to each connection request with a SYN-ACK packet, and then waits for a confirming ACK response, which never comes. This can exhaust the server’s connection table, which is typically limited in size, and prevent legitimate connections from being established. |