Question 12 - CertNexus CFR-410 Real Exam Questions [Jan 2026 Update]

Q: 12

Which of the following attacks involves sending a large amount of spoofed User Datagram Protocol (UDP) traffic to a router’s broadcast address within a network?

Options

Correct Answer:

Explanation

A Fraggle attack is a type of denial-of-service (DoS) attack that involves sending a large volume of spoofed User Datagram Protocol (UDP) traffic to an IP broadcast address. The source IP address of these packets is forged to be the victim's IP address. When the router forwards these packets to all hosts on the broadcast network, each host sends a reply to the victim's IP address. This amplification effect floods the victim's system with unsolicited UDP traffic, consuming its network bandwidth and resources, ultimately leading to a denial of service. The key elements matching the question are the use of UDP and targeting a broadcast address.

Why Incorrect

A. Land attack: This attack involves sending a TCP SYN packet where the source IP address and port are spoofed to be the same as the destination, causing the target to enter a loop.

C. Smurf attack: This is functionally identical to a Fraggle attack but uses ICMP echo request packets (pings) instead of UDP packets. The question specifically mentions UDP traffic.

D. Teardrop attack: This attack exploits vulnerabilities in the IP fragmentation reassembly process by sending overlapping, oversized payloads, which can cause the target operating system to crash.

References

1. CERT Coordination Center

Carnegie Mellon University. In advisory CA-1998-01

the distinction is made clear: "A variation of this attack

called 'fraggle

' uses UDP echo packets in the same fashion [as a Smurf attack uses ICMP packets]."

Source: CERT® Advisory CA-1998-01 Smurf IP Denial-of-Service Attacks. (January 28

1998). Section: "III. Description".

2. Kurose

J. F.

& Ross

K. W. (2017). Computer Networking: A Top-Down Approach (7th ed.). Pearson. University-level textbooks on computer networking describe these attacks. In discussions on Denial-of-Service

the Smurf attack is defined by its use of ICMP echo requests to a broadcast address

while the Fraggle attack is noted as a variant using UDP packets.

Source: Chapter 8

"Security in Computer Networks

" Section 8.2

"Denial of Service (DoS) Attacks."

3. Forouzan

B. A. (2010). TCP/IP Protocol Suite (4th ed.). McGraw-Hill. This academic text details various network attacks. It describes the Smurf attack as using ICMP and the Fraggle attack as its UDP-based counterpart

both leveraging broadcast addresses for amplification.

Source: Chapter 29

"Security

" Section: "Denial-of-Service Attacks."

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE