Common Attack Types Quiz

Question 1

What is the purpose of a DoS (Denial of Service) attack?

Answer 1

Resource Exhaustion

Question 2

As opposed to the simple DoS attacks that usually are performed from a single system, a Distributed Denial of Service (DDoS( attack uses multiple compromised computer systems to perform the attack against its target.

Answer 2

True

Question 3

Which of the following applies to a collection of intermediary compromised systems that can be used as a platform for a DDoS attack?

Answer 3

Botnet

Question 4

What is the function of a C2 Server? (Command and Control Server)

Answer 4

Botnet Control

Question 5

Which of the following statements can be used to describe the characteristics of an on-path attack? (Select all that apply)

Answer 5

An on-path attack is also known as MITM (Man in the Middle)
In an on-path attack, attackers place themselves on the communications route between two devices
In an on-path attack, attackers intercept or modify packets sent between two communicating devices

Question 6

Remapping a domain name to a rogue IP address is an example of what kind of exploit?

Answer 6

DNS Poisoning

Question 7

Switch spoofing and double tagging are attack methods used in:

Answer 7

VLAN hopping attacks

Question 8

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attacker’s IP address instead of the IP address of the default gateway. Based on the given information, which type of attack is taking place in the this scenario?

Answer 8

ARP (Address Resolution Protocol) poisoning

Question 9

The term “DHCP snooping” refers to an exploit that enables operation of a rogue DHCP network server.

Answer 9

False

Question 10

The term “Evil twin” refers to a rogue Wireless Access Point (WAP) set up for the purpose of eavesdropping or stealing sensitive user data. Evil twin replaced the legitimate access point and by advertising its its presence with the same Service Set Identifier (SSID) appears as a legitimate access point to connecting hosts.

Answer 10

True

Question 11

Malware that restricts access to a computer system by encrypting files or locking the entire down until the user performs requested action is known as:

Answer 11

Ransomeware

Question 12

An attack against encrypted data relies heavily on computing power to check all possible keys and passwords until the correct one is found is known as:

Answer 12

Brute-force attack

Question 13

Which password attack takes advantage of a predefined list of words?

Answer 13

Dictionary attack

Question 14

An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as: (Select 2 answers)

Answer 14

MAC spoofing
MAC cloning

Question 15

Which of the following attacks relies on altering the source layer 3 address

Answer 15

IP spoofing

Question 16

A wireless disassociation attack is a type of? (Select 2 answers)

Answer 16

Deauthentication attack
Denial-of-Service attack

Question 17

Harmful programs used to disrupt computers operation, gather sensitive information, or gain unauthorized access to computer systems are commonly referred to as:

Answer 17

Malware

Question 18

A social engineering technique whereby attackers under disguise of a legitimate request attempt to gain access to confidential information is commonly referred to as:

Answer 18

Phishing

Question 19

What is tailgating?

Answer 19

Gaining unauthorized access to restricted areas by following another person (without the consent of the authorized person)

Question 20

What is piggybacking?

Answer 20

Gaining unauthorized access to restricted areas by following another person (with the consent of the authorized person)

Question 21

A situation in which an unauthorized person can view another user’s display of keyboard to learn their password or other confidential information is referred to as:

Answer 21

Shoulder surfing