Network+ Exam: Threat Identification - N10-007

Network Security Technician Observations: Threats and Solutions

Prev Question Next Question

Question

A network security technician observes multiple attempts to scan network hosts and devices.

All the attempts originate from a single host on the network.

Which of the following threats is MOST likely involved?

A.

Smurf attack B.

Rogue AP C.

Compromised system D.

Unintentional DoS.

C.

Explanations

A network security technician observes multiple attempts to scan network hosts and devices.

All the attempts originate from a single host on the network.

Which of the following threats is MOST likely involved?

A.

Smurf attack

B.

Rogue AP

C.

Compromised system

D.

Unintentional DoS.

C.

The correct answer is C. Compromised system.

When an attacker compromises a system on a network, they can use it to launch attacks on other devices on the same network. A common way to do this is by scanning the network for vulnerable devices that can be exploited. The fact that the network security technician observed multiple attempts to scan network hosts and devices from a single host on the network indicates that the host has been compromised by an attacker.

Option A, Smurf attack, is a type of DDoS attack that floods a victim's network with ICMP echo requests, but this does not involve scanning network hosts.

Option B, Rogue AP, is a fake wireless access point that is set up to steal sensitive information, but it does not involve scanning network hosts.

Option D, Unintentional DoS, refers to a situation where a legitimate user accidentally floods the network with traffic, causing a denial of service. This is not the case here, as the scanning attempts were deliberate and originated from a compromised host.