GCGA Ch. 7 Identifying Network Attacks (ST) Flashcards
(9 cards)
DDoS attacks
Denial of Service (DoS) attacks from multiple computers. Distributed Denial of Service (DDoS) attacks typically include sustained, abnormally high network traffic, high processor usage, or high memory usage resulting in resource exhaustion.
Major variants of DDoS attacks
include reflected attacks, which involve using third-party servers to redirect traffic to the target, and amplified attacks, which combine reflection techniques with amplification to generate an even greater volume of traffic directed at the target.
Forgery attacks
occur when an attacker creates a fake identity, certificate, file, or other object in an attempt to fool an unsuspecting user or system. Spoofing is an example of forgery that occurs when one person or entity impersonates or masquerades as someone or something else.
On-path attacks
a form of interception or active eavesdropping. Sophisticated on-path attacks establish secure channels, and users may see certificate warnings indicating an on-path attack. SSH will give users a warning if it detects a man-in-the-middle attack.
Secure Sockets Layer (SSL) stripping
an on-path attack that attempts to convert encrypted HTTPS sessions into unencrypted HTTP sessions.
DNS poisoning attacks
corrupt or modify DNS data stored on a DNS server and can redirect users to malicious sites. A pharming attack attempts to manipulate the DNS name resolution process by storing incorrect DNS records on a client system.
URL redirection
causes a web browser to go to a different URL when a user visits a website.
Domain hijacking attacks
allow an attacker to change a domain name registration without permission from the owner. Owners learn of the hijack after they’ve lost access to the site.
Replay attacks
capture data in a session. After manipulating the capture, attackers send it back on the network as a session replay. Timestamps and sequence numbers thwart replay attacks.