Network Based Vulnerabilities Flashcards

1
Q

NETBIOS Name Service

A
  • part of the NetBIOS over TCP protocol, similar to DNS; translates human-readable names to IP addresses using a 16-character ASCII name
2
Q

Link Local Multicast Name Resolution

A
  • LLMNR, based on DNS packet format allowing both IPv4 and IPv6 hosts to perform name resolution for hosts on the same network
3
Q

Server Message Block SMB

A
  • TCP ports 139 and 445
  • EternalBlue exploits and WannaCry ransomware utilized flaws in the SMB protocol

4
Q

SNMP

A
  • SNMPv1 has port security and includes authentication using a shared community string sent in cleartext to public
5
Q

SMTP

A
  • direct exploits of protocol, using open relays, using local relays, phishing attacks, SPAM
6
Q

FTP

A
  • insecure protocol that sends data and authentication in cleartext over the network
7
Q

DNS Poisoning

A
  1. Inject fake DNS record
  2. visitor requests DNS for bank
  3. visitor gets IP address for fake bank server instead
8
Q

DNS Cache Poisoning

A
  • like DNS poisoning but the poisoning can occur in the DNS cache of the local computer or server
9
Q

Pass the Hash

A
  • attack against the NT LAN Manager (NTLM) authentication system; steals a hashed user credential and reuses it in the Windows auth system to create a new authenticated session
10
Q

Man in the Middle

A
  • ARP spoofing
  • replay
  • relay
  • SSL stripping
  • downgrade
11
Q

ARP Spoofing (Man in the Middle)

A
  • attacker sends falsified ARP messages over the LAN
  • results in the attacker's MAC being associated with the IP of a valid computer

12
Q

Replay (Man in the Middle)

A
  • attack occurs when valid data is captured by an attacker and is repeated or delayed
13
Q

Relay (Man in the Middle)

A
  • occurs when the attacker is able to become the MITM and acts as a middle man in a communications session
14
Q

SSL Stripping (Man in the Middle)

A
  • website's encryption is tricked into presenting the user with an HTTP connection instead of HTTPS
15
Q

Downgrade (Man in the Middle)

A
  • attempts to have the client or server abandon a higher security mode to use a lower security mode
  • TLS 1.2 is more secure than SSL 2.0
16
Q

Denial of Service

A
  • stress test in pentesting, denies resources or service to authorized users by exhausting resources
17
Q

NAC Bypass

A
  • NAC can prevent you from gaining access to the network, can be bypassed by spoofing MAC and address of a VOIP device
18
Q

VLAN Hopping

A
  • attack host on different VLAN to gain access
  • switch spoofing - attempt to auto negotiate with a targeted switch by setting your device to act as a switch, switch gets copies of all VLAN traffic and separates based on tags