OBJ 4.2 X Flashcards
Denial-of-service (DoS)/distributed denial-of-service (DDoS)
Occurs when an attacker uses multiple computers to ask for access to the same server at the same time
Botnet/command and control
A collection of compromised computers under the control of a master node
On-path attack (previously known as man-in-the-middle attack)
Occurs when an attacker puts themselves between the victim and the intended destination
DNS poisoning
Occurs when an attacker manipulates known vulnerabilities within the DNS to reroute traffic from one site to a fake version of that site
VLAN hopping
Ability to send traffic from one VLAN into another, bypassing the VLAN segmentation you have configured within your Layer 2 networks
ARP spoofing
▪ Sending falsified ARP messages over a local area network
▪ An ARP spoofing attack can be used as a precursor to other attacks
▪ Set up good VLAN segmentation within your network
Rogue DHCP
A DHCP server on a network which is not under the administrative control of the network administrators
Rogue access point (AP)
A wireless access point that has been installed on a secure network without authorization from a local network administrator
Evil twin
Wireless access point that uses the same name as your own network
Ransomware
Restricts access to a victim’s computer system or files until a ransom or payment is received
Brute-force
▪ Tries every possible combination until they figure out the password
▪ Use a longer and more complicated password
Dictionary
Guesses the password by attempting to check every single word or phrase contained within a word list, called a dictionary
MAC spoofing
Changing the MAC address to pretend to be using a different network interface card or device
IP spoofing
▪ Modifying the source address of an IP packet to hide the identity of the sender or impersonate another client
▪ IP spoofing is focused on Layer 3 of the OSI model
Deauthentication
Attempts to interrupt communication between an end user and the wireless access point