Quiz Questions from Lessons Flashcards Preview

CS6262 Final > Quiz Questions from Lessons > Flashcards

Flashcards in Quiz Questions from Lessons Deck (118)
Loading flashcards...
1

Subnet Spoofing

Generate random addresses within
a given address space.

2

Random Spoofing

Generate 32-bit numbers and stamp
packets with them.

3

Fixed Spoofing

The spoofed address is the address
of the target.

4

Server Application DOS attack

The attack is targeted to a specific
application on a server

5

Network Access DOS attack

The attack is used to overload or
crash the communication mechanism of a
network.

6

Infrastructure DOS attack

The motivation of this attack is a
crucial service of a global internet
operation, for example core router

7

Random Scanning

Each compromised computer probes
random addresses

8

Permutation Scanning

All compromised computers share a
common pseudo-random permutation of the
IP address space.

9

Signpost Scanning

Uses the communication patterns of the
compromised computer to find new target.

10

Hitlist Scanning

A portion of a list of targets is supplied to
a compromised computer.

11

Which of these are reasons why the UDP-based NTP
protocol is particularly vulnerable to amplification attacks?

A small command can generate a large response.
Vulnerable to source IP spoofing.
It is difficult to ensure computers communicate only with legitimate NTP severs.

12

The server must reject all TCP options because the server discards the SYN queue entry. T or F?

True

13

With regards to a UDP flood attack, which of the
following statements are true:

Attackers can spoof the IP address of their UDP packets
Firewalls cannot stop a flood because the firewall is
susceptible to flooding.

14

Client puzzles should be stateless

True

15

Puzzle complexity should increase as the strength of the
attack increases.

True

16

Which of the following are assumptions that can be
made about Traceback?

Attackers may work alone or in groups

17

Select all the statements that are true for edge
sampling:

Multiple attackers can be identified since edge identifies splits in reverse path
Requires space in the IP packet header

18

Self defense against reflector attacks should
incorporate:

Server redundancy - servers should be located in multiple networks and locations.
Traffic limiting - traffic from a name server should be limited
to reasonable thresholds.

19

Deep web

It is not indexed by standard search
engines

20

Dark web

Web content that exists on darknets

21

Surface web

Readily available to the public, and
searchable with standard search engines

22

Doorway pages

A webpage that lists many keywords, in
hopes of increasing search engine
ranking. Scripts on the page redirect to
the attackers page.

23

Crypters

A program that hides malicious code
from anti-virus software

24

Blackhat Search Engine Optimizer

It increases traffic to the attacker’s site
by manipulating search engines.

25

Trojan Download Manager

Software that allows an attacker to
update or install malware on a victim’s
computer.

26

What are the two defining characteristics of internet spam?

Inappropriate or irrelevant
Large number of recipients

27

Name the top three countries where spam directed visitors
added items to their shopping cart:

United States
Canada
Philippines

28

Which events should trigger a penetration test?

Applications are added or modified
End user policies are changed
Security patches are installed
Infrastructure is added or modified

29

List the steps attackers used to access RSA’s Adobe Flash software:

Identify employees that are
vulnerable
Craft an email subject line that
entices an employee to open it
Hide an executable file in the
email that will install onto the
victim's computer when the
email is opened

30

Flash or CD Autoplay Attack

A flash is created that has a program that
creates a connection to the exploit server