Question

Michelle has been experiencing SYN floods and deploys a mitigation technique that allows the server to respond as if SYNs were accepted but then delete the SYN entry in its queue. If the client then responds with a SYN-ACK, the server reconstructs the SYN entry and continues the connection. What technique is Michelle using?

A. SYN cookies
B. ACK-ACK
C. TCP frogging
D. SYN replay

Answer 1

Michelle is using the SYN cookies technique.

Step-by-step explanation:

The technique that Michelle is using is SYN cookies. SYN flood is a type of DDoS attack where the attacker floods the target server with a large number of SYN requests, exhausting its resources. SYN cookies is a mitigation technique that allows the server to respond to the SYN requests without actually keeping track of them in a queue. Instead, the server generates a cookie that contains the information necessary to reconstruct the SYN request when the client sends a SYN-ACK response. This helps the server handle legitimate connections while preventing resource exhaustion caused by SYN floods.