Network Attacks

Question 1

Denial of Service (DoS) Attack

Answer 1

Occurs when one machine continually floods a victim with requests for services

Question 2

TCP SYN Flood

Answer 2

Occurs when an attacker initiates multiple TCP sessions, but never
completes them

Question 3

Smurf Attack (ICMP Flood)

Answer 3

▪ Occurs when an attacker sends a ping to a subnet broadcast address with
the source IP spoofed to be that of the victim server

Question 4

Distributed Denial of Service (DDoS) Attack

Answer 4

▪ Occurs when an attacker uses multiple computers to ask for access to the
same server at the same time
● Botnet
o A collection of compromised computers under the control
of a master node
● Zombie
o Any of the individually compromised computers

Question 5

On-Path/ Man-in-the-Middle (MITM) Attack

Answer 5

Occurs when an attacker puts themselves between the victim and the
intended destination

Question 6

Session Hijacking

Answer 6

Occurs when an attacker guesses the session ID that is in use between a
client and a server and takes over the authenticated session

Question 7

DNS Poisoning

Answer 7

Occurs when an attacker manipulates known vulnerabilities within the
DNS to reroute traffic from one site to a fake version of that site

Question 8

DNSSEC

Answer 8

Uses encrypted digital signatures when passing DNS information between
servers to help protect it from poisoning
▪ Ensure server has the latest security patches and updates

Question 9

Rogue DHCP Server

Answer 9

A DHCP server on a network which is not under the administrative
control of the network administrators

Question 10

Spoofing

Answer 10

Occurs when an attacker masquerades as another person by falsifying
their identity

Question 11

IP Spoofing

Answer 11

Modifying the source address of an IP packet to hide the identity of the
sender or impersonate another client
▪ IP spoofing is focused at Layer 3 of the OSI model

Question 12

MAC Spoofing

Answer 12

Changing the MAC address to pretend the use of a different network
interface card or device

Question 13

MAC Filtering

Answer 13

Relies on a list of all known and authorized MAC addresses

Question 14

ARP Spoofing

Answer 14

Sending falsified ARP messages over a local area network
▪ ARP spoofing attack can be used as a precursor to other attacks
▪ Set up good VLAN segmentation within your network

Question 15

VLAN Hopping

Answer 15

Ability to send traffic from one VLAN into another, bypassing the VLAN
segmentation you have configured within your Layer 2 networks

Question 16

Double Tagging

Answer 16

Connecting to an interface on the switch using access mode with the
same VLAN as the native untagged VLAN on the trunk

Question 17

Switch Spoofing

Answer 17

Attempting to conduct a Dynamic Trunking Protocol (DTP) negotiation
▪ Disable dynamic switchport mode on your switchports

Question 18

Malware

Answer 18

Designed to infiltrate a computer system and possibly damage it without
the user’s knowledge or consent

Question 19

Virus

Answer 19

Made up of malicious code that is run on a machine without the user’s
knowledge and infects it whenever that code is run

Question 20

Worm

Answer 20

A piece of malicious software that can replicate itself without user
interaction

Question 21

Trojan Horse

Answer 21

A piece of malicious software disguised as a piece of harmless or
desirable software

Question 22

Remote Access Trojan (RAT)

Answer 22

Provides the attacker with remote control of a victim machine

Question 23

Ransomware

Answer 23

Restricts access to a victim’s computer system or files until a ransom or
payment is received

Question 24

Spyware

Answer 24

Gathers information about you without your consent

Question 25

Key Logger

Answer 25

Captures any key strokes made on the victim machine

Question 26

Rootkit

Answer 26

Designed to gain administrative control over a computer system or network device without being detected

Question 27

Rogue Access Point

Answer 27

A wireless access point that has been installed on a secure network without authorization from a local network administrator

Question 28

Shadow IT

Answer 28

▪ Use of IT systems, devices, software, applications, or services without the explicit approval of the IT department

Question 29

Evil Twin

Answer 29

Wireless access point that uses the same name as your own network

Question 30

Deauthentication

Answer 30

Attempts to interrupt communication between an end user and the wireless access point

Question 31

Dictionary Attack

Answer 31

Guesses the password by attempting to check every single word or phrase contained within a word list, called a dictionary

Question 32

Brute Force Attack

Answer 32

Tries every possible combination until they figure out the password ▪ Use a longer and more complicated password

Question 33

o Social Engineering

Answer 33

Any attempt to manipulate users to reveal confidential information or perform actions detrimental to a system’s security ▪ The weakest link is our end users and employees

Question 34

Phishing

Answer 34

Sending an email in an attempt to get a user to click a link ▪ Sending out emails to capture the most people and doesn’t really target any particular person or group

Question 35

Whaling

Answer 35

Focused on key executives within an organization or other key leaders, executives, and managers in the company

Question 36

Tailgating

Answer 36

Entering a secure portion of the organization’s building by following an authorized person into the area without their knowledge or consent