Chapter 05 Quiz – Networking and Server Attacks Flashcards
Questions 22
Question # 01
A SYN flood attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim’s computer.
a. True
b. False
b. False
Question # 02
Traditional network security devices can block traditional network attacks, but they cannot always block web application attacks.
a. True
b. False
a. True
Question # 03
A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.
a. True
b. False
a. True
Question # 04
In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.
a. True
b. False
a. True
Question # 05
What type of attack intercepts communication between parties to steal or manipulate the data?
a. replay
b. MAC spoofing
c. man-in-the-browser
d. ARP poisoning
c. man-in-the-browser
Question # 06
What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?
a. DNS
b. ARP
c. TCP
d. UDP
b. ARP
Question # 07
What type of additional attack does ARP spoofing rely on?
a. DNS Poisoning
b. replay
c. MITB
d. MAC spoofing
d. MAC spoofing
Question # 08
What type of privileges to access hardware and software resources are granted to users or devices?
a. access privileges
b. user rights
c. access rights
d. permissions
c. access rights
Question # 09
What language below is used to view and manipulate data that is stored in a relational database?
a. C
b. DQL
c. SQL
d. ISL
c. SQL
Question # 10
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
a. whatever AND email IS NULL; –
b. whatever; AND email IS NULL; –
c. whatever” AND email IS NULL; –
d. whatever’ AND email IS NULL; –
d. whatever’ AND email IS NULL; –
Question # 11
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
a. Session replay
b. Session spoofing
c. Session hijacking
d. Session blocking
c. Session hijacking
Question # 12
Which type of attack below is similar to a passive man-in-the-middle attack?
a. replay
b. hijacking
c. denial
d. buffer overflow
a. replay
Question # 13
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
a. HTTP
b. NSDB
c. URNS
d. DNS
d. DNS
Question # 14
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
a. Privilege escalation
b. DNS cache poisoning
c. ARP poisoning
d. Man-in-the-middle
a. Privilege escalation
Question # 15
What type of web server application attacks introduce new input to exploit a vulnerability?
a. language attacks
b. cross-site request attacks
c. hijacking attacks
d. injection attacks
d. injection attacks
Question # 16
If an attacker purchases and uses a URL that is similar in spelling and looks like a well-known web site in order for the attacker to gain Web traffic to generate income, what type of attack are they using?
a. spoofing
b. URL hijacking
c. Web squatting
d. typo hijacking
b. URL hijacking
Question # 17
What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor?
a. pointer hack
b. DNS spoofing
c. clickjacking
d. domain hijacking
d. domain hijacking
Question # 18
Where are MAC addresses stored for future reference?
a. MAC cache
b. Ethernet cache
c. ARP cache
d. NIC
c. ARP cache
Question # 19
What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?
a. ARP poisoning
b. man-in-the-middle
c. denial of service
d. DNS poisoning
a. ARP poisoning
Question # 20
What criteria must be met for an XXS attack to occur on a specific website?
a. The website must accept user input while validating it and use that input in a response
b. The website must accept user input without validating it and use that input in a response.
c. The website must not accept user input without validating it and use that input in a response.
d. The website must accept user input while validation it and omit that input in a response
b. The website must accept user input without validating it and use that input in a response.
Question # 21
If a MAC address is permanently “burned” into a network interface card, how can an attacker change the MAC address to perform an ARP poisoning attack?
A MAC address is permanently “burned” into a network interface card (NIC) so that there is not a means of altering the MAC address on a NIC.
However, because the MAC address is stored in a software ARP cache, it can be change there, which would then result in the corresponding IP address pointing to a different computer.
This process allows an ARP poisoning attack to occur.
Question # 22
What are the three areas of protection provided by IPSEC?
Authentication, confidentiality, and key management.