CompTIA Security+ SY0-701 Practice Question
A network administrator notices unexpected traffic on the network that is identical to valid service requests from earlier in the day. What type of attack should the administrator be concerned about and what is a primary countermeasure to prevent such an attack?
This seems to be indicative of a denial-of-service attack, and employing increased bandwidth and firewall rules can help mitigate it.
The administrator is likely witnessing a man-in-the-middle attack and should implement encryption between the endpoints.
The traffic pattern is characteristic of a brute force attack, and the administrator should implement account lockout policies.
The network administrator should be concerned about a replay attack and can use sequence numbers or time stamps to prevent such attacks.