Which attack involves multiple external hosts initiating but not completing a TCP handshake?

The attack that involves multiple external hosts initiating but not completing a TCP handshake is accurately identified as a SYN Flood attack. In this type of attack, the attacker sends an overwhelming number of SYN (synchronize) requests to a target server in an attempt to overload it. Each SYN request initiates a half-open connection, where the server responds with a SYN-ACK (synchronize-acknowledge) packet, waiting for a final ACK (acknowledge) packet from the client.

However, in a SYN Flood, the final ACK is never sent by the attacker. As the server waits for the completion of these handshakes, it can become overwhelmed by the number of half-open connections, exhausting its resources and potentially leading to a denial of service. This flood can prevent legitimate users from successfully connecting to the server, which is the primary goal of this attack.

The other options represent different types of attacks that do not specifically involve the mechanics of the TCP handshake in the same way as a SYN Flood. DDoS attacks, while they may involve SYN Flood techniques, encompass a broader range of attack vectors and are not limited to the TCP handshake. ARP Poisoning focuses on misleading devices on a local network by associating an attacker's MAC address