Information Technology Specialist (ITS) Cybersecurity Practice Exam

The correct answer is DNS Amplification, which is a type of distributed denial-of-service (DDoS) attack that exploits the functionality of DNS servers. In this attack, the perpetrator sends a small query to an open DNS server, with the source address spoofed to appear as the target's IP address. The DNS server then responds to the query with a much larger response, flooding the target with a significant volume of DNS traffic.

This amplification occurs because the response size is much greater than the original request, which enables attackers to use minimal resources to generate a substantial amount of outgoing traffic directed at the target. The use of publicly accessible open DNS servers is critical in these attacks since they allow attackers to bypass restrictions on who can make queries, enabling a much larger scale of attack.

While DNS Reflection also involves amplifying traffic by using open DNS servers, it specifically entails reflecting the traffic back to a target, which is a key differentiator. Since the question directly highlights the flooding aspect generated through stored responses rather than the reflection mechanism, DNS Amplification is the more precise answer.