Which statement best identifies a Smurf attack?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which statement best identifies a Smurf attack?

Explanation:
Smurf is a denial-of-service amplification technique that uses ICMP. An attacker sends ICMP echo requests to a broadcast address with the source IP spoofed to the victim’s address. Every host on that broadcast network replies to the spoofed address, flooding the victim with ICMP echo replies and overwhelming their network or system resources. That identifying feature—an ICMP-based amplification to a broadcast network aimed at the victim—makes “Smurf attack” the correct description.

The other options point to different concepts: a UDP flood describes a different type of DDoS, XSS Reflection involves web scripting abuse, and a perimeter email gateway is a defensive device, not an attack. To mitigate Smurf attacks, disable IP directed broadcasts on routers, implement ingress filtering to prevent spoofed packets, and apply appropriate ICMP controls at firewalls.

