I think this question is a good example of what you need to be careful of on the test. Note I have never taken the CISSP. Interested in feedback from people who have.
Which of the following can be used to hide a spoof attack?
B buffer overflows
D denial of service (DOS)
In my opinion, 2 of the answers are correct. Both are valid responses