CompTIA CASP+ Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Enhance your CompTIA CASP+ exam readiness with our comprehensive quizzes. Sharpen your skills with detailed flashcards and multiple choice questions, each with hints and in-depth explanations. Prepare effectively for this challenging exam!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What type of attack is indicated by a significant increase in UDP port 123 packet traffic?

  1. A Distributed Denial of Service (DDoS) attack.

  2. Man-in-the-middle attack.

  3. An NTP amplification attack.

  4. Credential stuffing attack.

The correct answer is: An NTP amplification attack.

A significant increase in UDP port 123 packet traffic is indicative of an NTP amplification attack. The Network Time Protocol (NTP), which operates on UDP port 123, is used for synchronizing the clocks of computer systems over packet-switched data networks. In an NTP amplification attack, an attacker takes advantage of the protocol's ability to generate responses much larger than the original request. In this type of attack, the attacker sends a small query to an NTP server, often spoofing the source IP address to that of the intended victim. The NTP server responds to this query with a much larger response packet, thereby amplifying traffic directed at the victim. This method allows attackers to generate substantial amounts of traffic that can overwhelm the target's bandwidth, leading to denial of service. While a DDoS attack could involve increased traffic patterns, the specific mention of UDP port 123 specifically points to the amplification technique utilized by NTP. Other options, such as a man-in-the-middle attack or credential stuffing attack, do not correlate with an increase in UDP port 123 traffic, since they exploit different vulnerabilities and protocols.

More Questions Like This