Attacks Flashcards

(31 cards)

1
Q

DoS

A

Denial of Service attack. Prevents access to network resources.

2
Q

Varieties of DoS

A

Ping of Death, Smurf, SYN Flood, Tribe Flood Network, Tribe Flood Network 2000, Stacheldraht

3
Q

Ping of Death

A

Type of DoS. One Ping request sends a huge amount of data instead of the small payload PING normally carries. Most modern OSes prevent this from working.

4
Q

Smurf

A

Type of DoS. Attacker spoofs the source IP of a PING request. Sends PING request to all broadcast addresses. Router forwards requests to all hosts on the subnet. Response pings are sent back to victim.

5
Q

SYN Flood

A

Type of DoS. Sending a TCP/IP packet with SYN flag set to 1 causes server to open a connection and respond with SYN/ACK, waiting for an ACK. Attacker doesn’t send ACK, forcing the server to keep the connection open, using a portion of memory. Server isn’t able to respond to legitimate requests.

6
Q

Tribe Flood Network

A

Type of DoS. TFN. DDoS (Distributed Denial of Service) attack.

7
Q

Tribe Flood Network 2000

A

Type of DoS. TFN2K. DDoS (Distributed Denial of Service) attack.

8
Q

Stacheldraht

A

Type of DoS. Means barbed wire in German. Mix of techniques involving TFN and encryption.

9
Q

Types of Viruses

A

Macro Virus, Boot-Sector Virus, Multipartite Viruses, File Viruses

10
Q

File Virus

A

Replaces some or all of a target program’s code with its own. The compromised file, when executed, does the damage.

11
Q

Macro Virus

A

Script of commands written in software that supports macros (e.g., MS Office). Annoying but harmless.

12
Q

Boot-Sector Virus

A

Infect the hard drive’s boot sector, pointing the PC in the wrong direction or removing reference to the OS.

13
Q

Multipartite Virus

A

Affects the boot sector and the hard drive’s files at once.

14
Q

Worms

A

Like viruses, but can replicate without users opening an infected file.

15
Q

Buffer Overflow

A

Injecting so much data into the forms of an application that the host crashes.

16
Q

War Driving

A

The practice of cruising around in a vehicle equipped with laptops, antennas, and wireless adapters to detect unsecured or poorly secured Wi-Fi networks. The goal might be to map network locations, analyze signal strengths, or, in some cases, exploit vulnerabilities.

17
Q

War Chalking

A

The collection of information regarding wireless networks, either in chalk on the sidewalk or online.

18
Q

3 ways to detect and defend against an intruder

A

Active Detection, Passive Detection, Proactive Defense Methods

19
Q

Active Detection

A

This involves deliberately seeking out threats or unusual activity using tools or techniques that actively probe the environment.

Examples: Intrusion Detection Systems (IDS) like Snort that scan network traffic for malicious behavior, or port scanners that identify unauthorized open ports.

Pros: Real-time alerts and the ability to identify active threats quickly.

Trade-off: Can potentially alert intruders that you’re watching.

20
Q

Passive Detection

A

Here, you monitor systems and networks quietly without interacting with them directly. It’s more stealthy.

Examples: Packet sniffers like Wireshark, or security logs and audit trails that detect anomalies over time.

Pros: Less likely to tip off intruders, useful for discovering sophisticated or stealthy attacks.

Trade-off: May not catch fast-moving or zero-day threats immediately.

21
Q

Proactive Defense Methods

A

These are strategies or technologies used to prevent intrusions before they happen.

Examples: Firewalls, endpoint protection, multi-factor authentication, and security awareness training for users.

Pros: Reduces the attack surface and mitigates risk before breaches occur.

Trade-off: Needs constant updates and user compliance to remain effective.

22
Q

The Ping of Death and SYN floods are examples of what types of attack?

23
Q

How often should you update your virus definitions in your antivirus software?

A

You should update your virus definitions in your antivirus software as frequently as possible, ideally multiple times a day or whenever new updates are available.

24
Q

What type of attack injects a command that overflows the amount of memory allocated and executes commands that would not normally be allowed?

A

Buffer Overflow

25
Q

What type of virus attacks executable programs?

A

A File Virus

26
Q

What kind of tool could a hacker use to intercept traffic on your network?

A

Packet Sniffer

27
Q

What type of virus uses Microsoft’s Visual Basic scripting language?

A

A Macro Virus

28
Q

What is it called when someone intercepts traffic on your network that’s intended for a different destination computer?

A

Man-in-the-middle attack

29
Q

If someone installed a wireless router on your network without your knowledge, that would be called ___________________.

A

A rogue access point

30
Q

What software application can help automatically ensure that your Windows-based computers have the most current security patches?

A

Windows Update

For enterprise environments: Windows Server Update Services (WSUS) is the primary software application that can help automatically ensure Windows-based computers have the most current security patches. WSUS is a Microsoft server role that allows network administrators to centrally manage and distribute Windows updates across their network.

31
Q

The two different types of virus scans are ___________________.

A

On-access (real-time) scanning – scans files as they are opened, saved, or executed.

On-demand scanning – scans files or entire systems manually when initiated by the user.