セクション:情報資産の保護
Explanation:
リフレクテッド攻撃とは、偽造されたリクエストを多数のコンピュータに送信し、それらのコンピュータがリクエストに応答するように仕向ける攻撃手法です。送信元IPアドレスは標的のコンピュータのIPアドレスに偽装され、応答が大量に発生するように仕向けられます。
分散型サービス拒否攻撃では、偽造されたリクエストを非常に多数のコンピュータに送信し、それらのコンピュータがリクエストに応答するように仕向けます。インターネットプロトコルアドレスの偽装を用いることで、送信元アドレスを標的のコンピュータのアドレスに設定し、すべての応答が標的のコンピュータに送られ(そして溢れかえる)ことになります。
(この反射型攻撃は「DRDOS」と呼ばれることもあります。)
ICMPエコー要求攻撃(スマーフ攻撃)は、反射型攻撃の一種とみなすことができます。攻撃側のホストは、構成が混在するネットワークのブロードキャストアドレスにエコー要求を送信し、それによって他のホストに被害者へのエコー応答パケットの送信を促します。初期のDDoS攻撃プログラムの中には、この攻撃の分散型を実装したものもありました。
In the surf attack, the attacker sends an ICMP ECHO REQUEST packet with a spoofed source address to a victim's network broadcast address. This means that each system on the victim's subnet receives an ICMP ECHO REQUEST packet. Each system then replies to that request with an ICMP ECHO REPLY packet to the spoof address provided in the packets-which is the victim's address. All of these response packets go to the victim system and overwhelm it because it is being bombarded with packets it does not necessarily know how to process. The victim system may freeze, crash, or reboot. The Smurf attack is illustrated in Figure below:
surf-attack

The following answers are incorrect:
Brute force attack - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.
Buffer overflow - A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity.
Pulsing Zombie - A Dos attack in which a network is subjected to hostile pinging by different attacker computer over an extended time period.
Reference:
CISA review manual 2014 Page number 322