Attack types

Question 1

Steals data from Bluetooth-enabled devices

Answer 1

Bluesnarfing

Question 2

Takes over a user’s session by obtaining or predicting a valid session token

Answer 2

Session Hijack

Question 3

Sends unsolicited messages over Bluetooth to nearby devices

Answer 3

Bluejacking

Question 4

Chains multiple SQL commands with a delimiter to execute them sequentially

Answer 4

Stacked Queries

Question 5

Increases the volume of an attack by using network resources to magnify traffic

Answer 5

Amplification Attack

Question 6

Intercepts network handshakes to crack wireless encryption keys

Answer 6

Handshake capture

Question 7

Intercepts data on a network by linking an attacker’s MAC to a legitimate IP address

Answer 7

ARP Poisoning

Question 8

Fakes a login or splash page to capture user credentials

Answer 8

Captive PortalS

Question 9

Sets up a rogue WiFi access point to intercept wireless communications

Answer 9

Evil Twin

Question 10

Impersonates devices by mimicking their MAC addresses

Answer 10

MAC Spoofing

Question 11

Deceives a user into submitting a malicious request via image tags, hidden forms, etc

Answer 11

CSRF

Question 12

Bypasses network segmentation by sending packets to a switch that forwards them to other VLANs

Answer 12

VLAN Hopping

Question 13

Reflects a malicious script off of a web application to the user’s browser

Answer 13

XSS - Reflected

Question 14

Masquerades as a legitimate entity by falsifying data to gain an advantage

Answer 14

Spoofing

Question 15

Reuses valid data transmission to fraudulently or maliciously repeat or delay operations

Answer 15

Session Replay

Question 16

Exploits Windows network protocols to intercept traffic and gain credentials

Answer 16

LLMNR/NBT-NS Poisoning

Question 17

Forcibly disconnects devices from a network

Answer 17

Deauthentication

Question 18

Exploits vulnerable web applications to force them to make requests to unintended locations

Answer 18

SSRF

Question 19

Attempts to access a large number of accounts with commonly used passwords

Answer 19

Password Spraying

Question 20

Captures authentication session to access a network resource without credentials

Answer 20

NTLM Relay Attacks

Question 21

Denies service to valid users by overwhelming a system with requests

Answer 21

DoS

Question 22

Captures and retransmits signals, such as from a key fob, to gain unauthorized access

Answer 22

Relay Attacks

Question 23

exploits Kerberos authentication to crack passwords of service accounts

Answer 23

Kerberoasting

Question 24

Systematically tries every possible password combination

Answer 24

Brute Force

Question 25

Intercepts data between two parties to steal or modify it

Answer 25

On-path Attack

Question 26

Stores malicious script in server databases to execute whenever the stored data is viewed

Answer 26

XSS-Persistent

Question 27

Triggers malicious actions on a web application where a user is authenticated

Answer 27

XSRF

Question 28

Uses a pre-arranged list of likely passwords

Answer 28

Dictionary Attack

Question 29

Copies RFID tags for unauthorized access to secure areas

Answer 29

RFID Cloning

Question 30

Inserts false information into DNS cache to redirect users to malicious sites

Answer 30

DNS Cache Poisoning