During a red-team engagement, your goal is to overwhelm a target's Internet link while having only a small uplink yourself. You decide to send forged 60-byte UDP queries to publicly accessible NTP servers so they reply with kilobytes of data toward the victim's IP address. Which DoS/DDoS attack technique are you preparing to use?
Executing a Slowloris slow-header attack against the NTP control interface
Sending a TCP SYN flood aimed at port 123/UDP on the victim
Triggering a teardrop fragmentation attack to crash the victim's TCP/IP stack
Launching an NTP amplification attack that abuses the monlist command
The scenario describes an amplification-based distributed denial-of-service technique. By spoofing the victim's IP address in very small Network Time Protocol (NTP) monlist requests, the attacker coerces many NTP servers to send much larger replies to the victim, producing an amplification ratio often exceeding 200×. This quickly saturates the victim's bandwidth even though the attacker transmits relatively little traffic. A TCP SYN flood and teardrop fragmentation rely on consuming state or exploiting reassembly bugs, not on reflection or amplification. Slowloris keeps HTTP sessions open with partial headers, which targets web servers and consumes their connection pools rather than amplifying traffic volume. Therefore, the only option matching the described UDP reflection and amplification behavior is the NTP amplification attack that abuses the monlist command.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an NTP amplification attack?
Open an interactive chat with Bash
What is NTP and what does the monlist command do?
Open an interactive chat with Bash
How does spoofing work in DDoS attacks like NTP amplification?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Network and Perimeter Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .