CYBER SECURITY
PGTRB Computer Science - Latest Study Materials-2025 – D. Sundaravel M.Sc.B.Ed(CS) -9751894315
DAY 25
Denial of Service (DoS) attacks
Attacks: Investigating DoS Attacks
1. What does DoS stand for in the context of network security?
a) Data over Security
b) Denial of Service
c) Delivery of Service
d) Distributed Online Service
Answer: b
Explanation: DoS stands for Denial of Service, which refers to a type of cyber attack where the
attacker disrupts the normal functioning of a target, typically a server, by overwhelming it with
traffic or requests.
2. Which of the following is a characteristic of a Denial of Service (DoS) attack?
a) Involves spreading malware
b) Disrupts or disables a service or network
c) Steals sensitive data
d) Manages to bypass firewalls
Answer: b
Explanation: A DoS attack aims to disrupt or disable services or networks by overwhelming them
with traffic, making them unavailable to legitimate users.
3. What is a key difference between a DoS attack and a DDoS attack?
a) DoS attacks are distributed, whereas DDoS attacks are not
b) DDoS attacks are launched from multiple sources, while DoS attacks come from a single source
c) DDoS attacks are less effective than DoS attacks
d) DoS attacks cause permanent damage, while DDoS attacks do not
Answer: b
Explanation: A DDoS (Distributed Denial of Service) attack involves multiple systems launching
the attack, whereas a DoS (Denial of Service) attack originates from a single source.
4. Which of the following is a common method used in DoS attacks?
a) Sending large volumes of traffic to a server
b) Encrypting the data for confidentiality
c) Injecting malicious code into a system
d) Stealing login credentials
Answer: a
Explanation: In a DoS attack, attackers often send large volumes of traffic to a server,
overwhelming it and preventing it from responding to legitimate requests.
5. What is the main goal of a DoS attack?
a) To steal data
b) To disable a server or network service
c) To infect systems with malware
d) To gain unauthorized access to a system
Answer: b
Explanation: The primary goal of a DoS attack is to disable a service or server, making it
unavailable to legitimate users.
6. Which protocol is commonly targeted in DoS attacks to flood a server?
a) HTTP
b) DNS
c) ICMP
d) FTP
Answer: c
Explanation: The ICMP protocol, specifically the Ping command, is often used in DoS attacks to
flood a target server with excessive requests, such as in a Ping of Death attack.
7. What is a "SYN flood" attack?
a) A type of attack that disrupts DNS resolution
b) An attack that targets the SYN-ACK handshake of TCP
c) A brute-force attack to break encryption
d) A social engineering attack
Answer: b
Explanation: A SYN flood is a type of DoS attack that exploits the TCP handshake process by
sending numerous SYN requests but never completing the handshake, causing the target system to
become overwhelmed.
8. Which of the following is a typical result of a successful DoS attack?
a) Data breach
b) System crash or unavailability
c) Malware infection
d) Unauthorized access
Answer: b
Explanation: The typical result of a successful DoS attack is the crashing or unavailability of a
system or service due to overwhelming traffic or requests.
9. What type of DoS attack is characterized by the attacker sending a large number of requests to
a server without waiting for the server's response?
a) Ping of Death
b) SYN Flood
c) HTTP Flood
d) DDoS Attack
Answer: c
Explanation: An HTTP Flood attack involves sending a large number of HTTP requests to a server
without waiting for responses, overwhelming the server.
10. Which of the following is used in a DDoS attack?
a) A single attacking machine
b) Multiple machines controlled by the attacker
c) A set of malware programs
d) A compromised firewall
Answer: b
Explanation: In a DDoS attack, multiple machines are controlled (often through botnets) and used
to launch the attack from multiple sources.
11. What is the main vulnerability exploited by a DoS attack?
a) The weakness in the encryption algorithms
b) Insufficient bandwidth or resources on the target system
c) Weak passwords used by the server
d) Lack of antivirus software
Answer: b
Explanation: DoS attacks exploit the target system’s insufficient bandwidth or computational
resources, causing it to be overwhelmed.
12. Which of the following is NOT a common tool used to perform a DoS attack?
a) LOIC (Low Orbit Ion Cannon)
b) Hping
c) Kali Linux
d) Norton Antivirus
Answer: d
Explanation: Norton Antivirus is a security tool, not a tool for launching DoS attacks. LOIC, Hping,
and Kali Linux are commonly used for DoS or DDoS attacks.
13. What does the "Ping of Death" attack do?
a) Sends extremely large ICMP packets to a target
b) Floods the target with SYN requests
c) Exploits buffer overflow vulnerabilities in applications
d) Overloads DNS servers
Answer: a
Explanation: The Ping of Death attack involves sending extremely large ICMP packets to a target,
potentially causing it to crash or behave erratically.
14. Which type of attack is most commonly associated with overwhelming a website’s server by
sending fake traffic to it?
a) Phishing
b) DoS
c) Man-in-the-middle
d) SQL Injection
Answer: b
Explanation: A DoS attack overwhelms a server with fake or excessive traffic, rendering the
website unavailable.
15. What is a "Smurf Attack" in the context of DoS?
a) A method of using social engineering to gain access to a network
b) A DDoS attack using ICMP packets that exploit vulnerabilities in the network
c) A SYN flood technique
d) An attack that floods a website with spam
Answer: b
Explanation: A Smurf Attack is a type of DDoS attack that uses ICMP packets to flood a network
by exploiting vulnerabilities in the network’s configuration.
16. What defensive measure can be used to mitigate DoS attacks?
a) Using stronger encryption
b) Disabling unnecessary services
c) Using firewalls, rate limiting, and traffic analysis
d) Enabling multi-factor authentication
Answer: c
Explanation: Firewalls, rate limiting, and traffic analysis can be used to detect and mitigate DoS
attacks by controlling the amount of traffic entering the network.
17. What is "Rate Limiting" in the context of preventing DoS attacks?
a) Increasing the bandwidth available to the target
b) Limiting the number of requests a server can handle in a given time
c) Encrypting incoming traffic
d) Blocking external IP addresses
Answer: b
Explanation: Rate limiting involves controlling the number of requests a server can process within a
set time period to prevent overload.
18. Which of the following is true about a DDoS attack?
a) It involves a single attacker
b) It is always limited to just one target system
c) It uses multiple systems to flood a target with traffic
d) It only affects unpatched systems
Answer: c
Explanation: A DDoS attack uses multiple systems, often a botnet, to flood a single target with
traffic, overwhelming its resources.
19. What is the role of "Botnets" in DDoS attacks?
a) They control the target system
b) They are used to execute malware
c) They are networks of compromised machines used to launch attacks
d) They are used to detect and prevent attacks
Answer: c
Explanation: Botnets are networks of compromised machines controlled by attackers and used to
launch DDoS attacks against a target.
20. How does a "Nuke" attack differ from other DoS techniques?
a) It exploits weaknesses in SSL certificates
b) It causes a denial of service using the telnet protocol
c) It floods the target system with fragmented packets
d) It uses email to deliver malicious links
Answer: c
Explanation: A Nuke attack involves flooding the target with fragmented packets to overwhelm and
crash the system.
21. What is the main impact of a successful DoS attack on businesses?
a) Loss of sensitive data
b) Increased system performance
c) Downtime leading to service unavailability
d) Unauthorized access to the database
Answer: c
Explanation: A successful DoS attack results in downtime, causing a service to be unavailable to
legitimate users, which may result in financial loss.
22. Which of the following can help prevent DoS attacks from affecting a web server?
a) Using strong passwords
b) Regularly updating the server software
c) Increasing the server's CPU power
d) Encrypting all traffic
Answer: b
Explanation: Regularly updating the server software ensures that any security patches that mitigate
known vulnerabilities are applied, making it harder for attackers to exploit the server.
23. What is the purpose of a "Reverse Proxy" in mitigating DoS attacks?
a) To hide the IP address of the server
b) To encrypt outgoing traffic
c) To limit the number of requests to the server
d) To block known malicious IP addresses
Answer: a
Explanation: A reverse proxy helps mitigate DoS attacks by hiding the IP address of the actual
server, making it harder for attackers to target the server directly.
24. What is an "Application Layer DoS Attack"?
a) It targets vulnerabilities in the transport layer of the OSI model
b) It exploits weaknesses in the application-level protocols like HTTP or DNS
c) It floods the network with high-volume traffic
d) It uses brute-force techniques to gain unauthorized access
Answer: b
Explanation: An application layer DoS attack targets vulnerabilities in the application protocols,
such as HTTP or DNS, to overload the server and cause service disruption.
25. Which of the following is a common sign that a DoS attack is in progress?
a) Unusually high traffic from a single source
b) The server is unusually fast
c) The server is securely patched
d) The data is encrypted
Answer: a
Explanation: A common sign of a DoS attack is a sudden surge of traffic from a single or multiple
sources, overwhelming the target.
26. What is a "Zero-Day" DoS attack?
a) An attack exploiting a known vulnerability
b) An attack that takes advantage of an unknown vulnerability
c) A phishing attack
d) A brute-force attack on login credentials
Answer: b
Explanation: A zero-day DoS attack exploits an unknown vulnerability that the target or vendor has
not yet patched.
27. What kind of service disruption occurs during a DoS attack?
a) Unauthorized access to private data
b) System crash or unavailability
c) Malware infection
d) Breach of encrypted traffic
Answer: b
Explanation: A DoS attack disrupts the service or causes the system to crash, making it unavailable
to legitimate users.
28. What is the purpose of a Content Delivery Network (CDN) in mitigating DoS attacks?
a) To increase the speed of encryption
b) To distribute content and reduce the impact of attacks on a single server
c) To create new encryption keys for each session
d) To reduce the traffic to a server
Answer: b
Explanation: A CDN distributes traffic across multiple servers, helping reduce the impact of DoS
attacks on a single server.
29. Which of the following can help detect DoS attacks in a network?
a) Signature-based IDS
b) Encryption techniques
c) Regular software patches
d) All of the above
Answer: a
Explanation: A signature-based Intrusion Detection System (IDS) can detect patterns indicative of
DoS attacks, helping to identify and mitigate attacks early.
30. What is the first step in mitigating a DoS attack?
a) Identifying the attack type and source
b) Rebooting the affected server
c) Shutting down the entire network
d) Encrypting all traffic
Answer: a
Explanation: The first step in mitigating a DoS attack is to identify the type and source of the attack,
so that an appropriate response can be formulated.