Network Attacks (4.2)

Question 1

Denial of Service (DoS) Attack

Answer 1

o Occurs when one machine continually floods a victim with requests for services

Question 2

TCP SYN Flood

Answer 2

TCP SYN Flood
▪ Occurs when an attacker initiates multiple TCP sessions, but never
completes them

Question 3

Smurf Attack (ICMP Flood)

Answer 3

▪ Occurs when an attacker sends a ping to a subnet broadcast address with
the source IP spoofed to be that of the victim server

Question 4

Distributed Denial of Service (DDoS) Attack

Answer 4

▪ Occurs when an attacker uses multiple computers to ask for access to the
same server at the same time

Question 5

Botnet

Answer 5

o A collection of compromised computers under the control

of a master node

Question 6

Zombie

Answer 6

o Any of the individually compromised computers

Question 7

On-Path/ Man-in-the-Middle (MITM) Attack

Answer 7

▪ Occurs when an attacker puts themselves between the victim and the
intended destination

Question 8

Session Hijacking

Answer 8

▪ Occurs when an attacker guesses the session ID that is in use between a
client and a server and takes over the authenticated session

Question 9

DNS Poisoning

Answer 9

▪ Occurs when an attacker manipulates known vulnerabilities within the
DNS to reroute traffic from one site to a fake version of that site

Question 10

DNSSEC

Answer 10

▪ Uses encrypted digital signatures when passing DNS information between
servers to help protect it from poisoning
▪ Ensure server has the latest security patches and updates

Question 11

Rogue DHCP Server

Answer 11

▪ A DHCP server on a network which is not under the administrative
control of the network administrators

Question 12

Spoofing

Answer 12

▪ Occurs when an attacker masquerades as another person by falsifying
their identity

Question 13

IP Spoofing

Answer 13

▪ Modifying the source address of an IP packet to hide the identity of the
sender or impersonate another client
▪ IP spoofing is focused at Layer 3 of the OSI model

Question 14

MAC Spoofing

Answer 14

▪ Changing the MAC address to pretend the use of a different network
interface card or device

Question 15

MAC Filtering

Answer 15

▪ Relies on a list of all known and authorized MAC addresses

Question 16

ARP Spoofing

Answer 16

▪ Sending falsified ARP messages over a local area network
▪ ARP spoofing attack can be used as a precursor to other attacks
▪ Set up good VLAN segmentation within your network

Question 17

VLAN Hopping

Answer 17

▪ Ability to send traffic from one VLAN into another, bypassing the VLAN
segmentation you have configured within your Layer 2 networks

Question 18

Double Tagging

Answer 18

▪ Connecting to an interface on the switch using access mode with the
same VLAN as the native untagged VLAN on the trunk

Question 19

Switch Spoofing

Answer 19

▪ Attempting to conduct a Dynamic Trunking Protocol (DTP) negotiation
▪ Disable dynamic switchport mode on your switchports

Question 20

Malware

Answer 20

▪ Designed to infiltrate a computer system and possibly damage it without
the user’s knowledge or consent

Question 21

Virus

Answer 21

▪ Made up of malicious code that is run on a machine without the user’s
knowledge and infects it whenever that code is run

Question 22

Worm

Answer 22

▪ A piece of malicious software that can replicate itself without user
interaction

Question 23

Trojan Horse

Answer 23

▪ A piece of malicious software disguised as a piece of harmless or
desirable software

Question 24

Remote Access Trojan (RAT)

Answer 24

▪ Provides the attacker with remote control of a victim machine

Question 25

Ransomware

Answer 25

▪ Restricts access to a victim’s computer system or files until a ransom or payment is received

Question 26

Spyware

Answer 26

▪ Gathers information about you without your consent

Question 27

Key Logger

Answer 27

▪ Captures any key strokes made on the victim machine

Question 28

Rootkit

Answer 28

▪ Designed to gain administrative control over a computer system or network device without being detected

Question 29

Rogue Access Point

Answer 29

▪ A wireless access point that has been installed on a secure network without authorization from a local network administrator

Question 30

Shadow IT

Answer 30

▪ Use of IT systems, devices, software, applications, or services without the explicit approval of the IT department

Question 31

Evil Twin

Answer 31

▪ Wireless access point that uses the same name as your own network

Question 32

Deauthentication

Answer 32

▪ Attempts to interrupt communication between an end user and the wireless access point

Question 33

Dictionary Attack

Answer 33

▪ Guesses the password by attempting to check every single word or phrase contained within a word list, called a dictionary ▪ Do not use anything that looks like a regular word

Question 34

Brute Force Attack

Answer 34

▪ Tries every possible combination until they figure out the password ▪ Use a longer and more complicated password

Question 35

Hybrid Attack

Answer 35

▪ Combination of dictionary and brute force attacks

Question 36

Wireless Interception

Answer 36

▪ Captures wireless data packets as they go across the airwaves

Question 37

Wireless Interception

Answer 37

▪ Captures wireless data packets as they go across the airwaves

Question 38

Social Engineering

Answer 38

▪ Any attempt to manipulate users to reveal confidential information or perform actions detrimental to a system’s security ▪ The weakest link is our end users and employees

Question 39

Phishing

Answer 39

▪ Sending an email in an attempt to get a user to click a link ▪ Sending out emails to capture the most people and doesn’t really target any particular person or group

Question 40

Spearphishing

Answer 40

▪ More targeted form of phishing

Question 41

Whaling

Answer 41

▪ Focused on key executives within an organization or other key leaders, executives, and managers in the company

Question 42

Tailgating

Answer 42

▪ Entering a secure portion of the organization’s building by following an authorized person into the area without their knowledge or consent

Question 43

Piggybacking

Answer 43

▪ Similar to tailgating, but occurs with the employee’s knowledge or consent

Question 44

Shoulder Surfing

Answer 44

▪ Coming up behind an employee and trying to use direct observation to obtain information

Question 45

Dumpster Diving

Answer 45

▪ Scavenging for personal or confidential information in garbage or recycling containers

Question 46

Insider Threat

Answer 46

o An employee or other trusted insider who uses their authorized network access in unauthorized ways to harm the company

Question 47

Logic Bomb

Answer 47

o A specific type of malware that is tied to either a logical event or a specific time