StudyGuide2_448 Flashcards
Exam2 (31 cards)
___ is the lowest layer in TCP/IP hierarchy
- Link layer (network access)
___ is the term applied to basic unit of data that passes through link layer
- Data frames
(T/F) TCP is a connectionless protocol?
False
___ is the second lowest layer in the TCP/IP hierarchy
- Internet (from host to server)
(T/F) IP is a connection-oriented protocol?
False
_____ is transport layer with TCP/IP
Transmission Control Protocol(TCP)
__ enables the receiving TCP/Ip stack to reconstruct the data stream at the destination in correct order
Sequence number
_______ and __________ are two transport layer protocols within TCP/IP
- TCP and UDP
_____ is the top layer of the TCP/IP stack
- Application
List three physical layer protocols
1) Ethernet
2) Fiber optic
3) Wi-Fi (IEEE 802.11),
4) DSl
5) ETC…
If a network interface is place in _________ mode, it will receive all the network traffic irrespective of source destination
- promiscuous
__________ and _______ are two address types that corresponds to a networked computer
- Mac and IP
_____________ is the protocol that resolves IP address into MAC ID’s
- ARP (address resolution protocol)
Explain the following Teardrop attack:
hacker.net 22 > target.org 33: UDP (frag 123:64@0++)
hacker.net 22 > target.org (frag 123:20@24)
The first packet has number 123 with data size 64 and starting offset 0, and ++ suggest oversize or manipulated to overlap with the next fragment.
The second packet is also 123 with 20 byte size and starting offset of 24 bytes.
Therefor the overlapping offset in the packets cause the target to attempt to reassemble themselves incorrectly and lead to potential system crash.
In a Smurf attack which of the two Ip addresses are spoofed?
a) Source
b) destination
Source
What is the procedure used to establish a TCP/IP connection between two host
3 way handshake
________ Spoofing occurs when the attacker’s computer is on the same subnet as the victim
- Non-blind (TCP)
_______ spoofing occurs when the attack must guess the victim TCP layer generate Sequence number
- Blind (TCP)
______ attack employ spoofing to intercept network traffic and/or take over network session
- Denial of service (DOS)
- Man In the Middle (MITM)
_____ compromise an operating system kernel
- Kernel model rootkits
If we describe the complexity of a string as R**L, where R is the radix of the symbol set and L is the length of the passwords string, in most practical situation increasing __ adds more security than increasing __
- Length(L) than radix (R)
The fact that HTTP is ___ requires that storage of transaction information to create online shopping carts
- Stateless
____ is an HTML image tag occurring within a web page that may result in malicious activity
- Web bug
List three types of information that may be harvested by the means of web bugs
1) IP address of computer users
2) Data and time of page view
3) Browser type and monitor resolution
