Discussion Flashcards

1
Q

(Not actually implemented) While this one-time cookie approach is more complex,

A

it may have the benefit of thwarting some amplification and resource exhaustion attacks.

2
Q

The server can avoid disabling TFO for all clients by

A

maintaining a small cache of recently received TFO connection requests from different client IP addresses.

3
Q

If the pending TFO requests from a particular client IP exceed the administratively set threshold,

A

the server can selectively disable TFO for just that client IP address.

4
Q

The server side cache increases the number of valid cookies that the attacker must steal to disable TFO for everyone,

A

but does not completely eliminate the possibility.
