Question 104 of 530 from exam 400-251: CCIE Security written exam

B.

The correct answer is B, QoS marking attack.

A QoS marking attack is a type of attack where the attacker injects traffic into the network with a Differentiated Services Code Point (DSCP) value of EF (Expedited Forwarding). This DSCP value is typically reserved for high-priority traffic such as voice or video. By injecting traffic with a high-priority DSCP value, the attacker can cause the network to prioritize their traffic over other traffic, potentially causing denial of service or degraded performance for other network users.

A brute-force attack is a type of attack where the attacker tries every possible combination of usernames and passwords in order to gain access to a system.

A DHCP starvation attack is a type of attack where the attacker floods a DHCP server with a large number of DHCP requests in order to exhaust the available IP addresses.

A SYN flood attack is a type of attack where the attacker sends a large number of SYN packets to a server, overwhelming the server and preventing legitimate traffic from being processed.

In summary, a QoS marking attack involves injecting traffic with a high-priority DSCP value into the network, potentially causing denial of service or degraded performance for other network users.