Section 14: Network Attacks

Question 1

What is a Denial-of-Service (DoS) Attack?

Answer 1

Occurs when one machine continually floods a victim with requests for services

Question 2

What is a Distributed Denial of Service (DDoS) Attack?

Answer 2

Occurs when an attacker uses multiple computers to ask for access to the same server at the same time

Question 3

What is a Botnet?

Answer 3

A collection of compromised computers under the control of a master node

Question 4

What is a On-Path/Man-in-the-Middle (MITM) Attack?

Answer 4

Occurs when an attacker puts themselves between the victim and the intended destination

Question 5

What is DNS Poisoning?

Answer 5

Occurs when an attacker manipulates known vulnerabilities within the DNS to reroute traffic from one site to a fake version of that site

Question 6

What is VLAN Hopping?

Answer 6

Ability to send traffic from one VLAN into another, bypassing the VLAN segmentation you have configured within your Layer 2 networks

Question 7

What is ARP Spoofing?

Answer 7

Sending falsified ARP messages over a local area network

Question 8

What is a Rogue DHCP Server?

Answer 8

A DHCP server on a network which is not under the administrative control of the network administrators

Question 9

What is a Rogue Access Point?

Answer 9

A wireless access point that has been installed on a secure network without authorization from a local network administrator

Question 10

What is an Evil Twin?

Answer 10

A wireless access point that uses the same name as your own network

Question 11

What is Ransomware?

Answer 11

Restricts access to a victim’s computer system or files until a ransom or payment is received

Question 12

What is a Brute Force Attack?

Answer 12

Tries every possible combination until they figure out the password

Question 13

What is a Dictionary Attack?

Answer 13

Guesses the password by attempting to check every single word or phrase contained within a word list.

Question 14

What is MAC Spoofing?

Answer 14

Changing the MAC address to pretend the use of a different network interface card or device

Question 15

What is IP Spoofing?

Answer 15

Modifying the source address of an IP packet to hide the identity of the sender or impersonate another client

IP spoofing is focused at Layer 3

Question 16

What is Deauthentication?

Answer 16

Attempts to interrupt communication between an end user and the wireless access point

Question 17

What is Malware?

Answer 17

Designed to infiltrate a computer system and possible damage it without the user’s knowledge or consent

Question 18

What is Social Engineering?

Answer 18

Any attempt to manipulate users to reveal confidential information or perform actions detrimental to a system’s security

Question 19

What is Phishing?

Answer 19

Sending an email in an attempt to get a user to click a link

Question 20

What is Tailgating?

Answer 20

Entering a secure portion of the organization’s building by following an authorized person into the area without their knowledge or consent

Question 21

What is Piggybacking?

Answer 21

Similar to tailgating, but occurs with the employee’s knowledge or consent

Question 22

What is Shoulder Surfing?

Answer 22

Coming up behind an employee and trying to use direct observation to obtain information