CompTIA Network+ Practice Test

What is a common technique used in DDoS reflection attacks?

• A. Using secure protocols with strict authentication
• B. Reflecting traffic off other devices to amplify the attack
• C. Sending traffic directly to the victim from a single source
• D. Utilizing only encrypted data transmission

The correct answer is: Reflecting traffic off other devices to amplify the attack

The correct answer is based on the principle of DDoS reflection attacks, which typically involve an attacker using third-party servers or devices to amplify the volume of traffic directed at a targeted victim. This technique leverages legitimate services, which respond to requests from the attacker's IP address, but instead send the responses to the victim's IP address. In this scenario, the attacker sends a small request to multiple servers, spoofing the source address to make it appear as if the requests are coming from the victim's IP. The servers, commonly configured to respond to such requests, then send considerably larger responses to the victim, effectively amplifying the attack. This allows the attacker to overwhelm the target with traffic without needing to generate a large amount of traffic from their own resources, which makes it a common and efficient technique in DDoS attacks. Other options do not align with the mechanics of a reflection attack. For example, using secure protocols with strict authentication would typically help mitigate the risk of such attacks rather than facilitate them. Sending traffic directly to the victim from a single source describes a straightforward attack method rather than a reflection attack, which involves multiple servers. Finally, utilizing only encrypted data transmission does not inherently contribute to the mechanics of a reflection attack and would