Module 6 Flashcards
(12 cards)
Learning Objectives:
Understand DoS attacks and their mechanisms
Discuss flooding and reflection attacks
Describe distributed denial of service attacks (DDoS)
Understand DDoS attack architecture
Explain amplification attacks
Understand HTTP-based attacks
Contents Covered:
DoS Attacks
Common DoS Attacks
Flooding and Reflection Attacks
DDoS Attacks and Architecture
Amplification Attacks
HTTP Attacks
Famous DDoS Attacks
True or False: A Denial of Service (DoS) attack aims to gain unauthorized access to sensitive data.
Answer: False. A DoS attack aims to disrupt the availability of services, not to steal data.
Multiple Choice: Which of the following best describes a flooding attack?
A. Sending malformed packets to confuse the application
B. Overwhelming a target system with a high volume of traffic
C. Intercepting data in transit
D. Disguising malicious traffic as legitimate
Answer: B. Overwhelming a target system with a high volume of traffic
Multiple Choice: Which of the following is a characteristic of a DDoS (Distributed Denial of Service) attack?
A. It is conducted from a single source
B. It always involves ransomware
C. It uses multiple compromised systems to target a victim
D. It requires physical access to the server
Answer: C. It uses multiple compromised systems to target a victim
Short Answer: What is the difference between a reflection attack and a flooding attack in the context of DoS?
Answer: A flooding attack sends a massive volume of traffic directly to the target, while a reflection attack sends requests to third-party servers with the target’s IP as the return address, causing the servers to flood the victim.
Short Answer: Why are DDoS attacks harder to mitigate than traditional DoS attacks?
Answer: DDoS attacks originate from multiple sources, making it difficult to block malicious traffic without affecting legitimate users and requiring more complex mitigation strategies.
True or False: Amplification attacks rely on requesting small amounts of data and receiving large responses that are redirected to the victim.
Answer: True.
Multiple Choice: In an amplification attack, which type of service is commonly exploited?
A. SMTP
B. FTP
C. DNS
D. HTTPS
Answer: C. DNS
Short Answer: Explain how HTTP-based DDoS attacks differ from volumetric DDoS attacks.
Answer: HTTP-based DDoS attacks target the application layer (Layer 7), exploiting resource-intensive operations, while volumetric attacks flood the network or transport layer with large volumes of traffic.
Multiple Choice: Which of the following best describes a botnet in the context of DDoS attacks?
A. A network of secure web servers
B. A set of tools used for web development
C. A group of compromised devices controlled by an attacker
D. An antivirus system
Answer: C. A group of compromised devices controlled by an attacker
Essay-Like Prompt: Discuss the architecture of a DDoS attack and the role of botnets. How do amplification and HTTP-based attacks exploit system vulnerabilities differently?
Answer: DDoS attacks use a distributed network of compromised systems (botnets) to flood a target with traffic. The architecture involves command-and-control servers managing these bots. Amplification attacks exploit vulnerable services (like DNS) by sending small queries that generate large responses aimed at the victim. HTTP-based attacks target application resources by sending seemingly legitimate requests, overwhelming web servers. While amplification focuses on bandwidth exhaustion, HTTP-based attacks deplete computational resources.