Chapter 05 Quiz – Networking and Server Attacks Flashcards

Questions 22

1
Q

Question # 01

A SYN flood attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim’s computer.

a. True
b. False

A

b. False

2
Q

Question # 02

Traditional network security devices can block traditional network attacks, but they cannot always block web application attacks.

a. True
b. False

A

a. True

3
Q

Question # 03

A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.

a. True
b. False

A

a. True

4
Q

Question # 04

In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.

a. True
b. False

A

a. True

5
Q

Question # 05

What type of attack intercepts communication between parties to steal or manipulate the data?

a. replay
b. MAC spoofing
c. man-in-the-browser
d. ARP poisoning

A

c. man-in-the-browser

6
Q

Question # 06

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?

a. DNS
b. ARP
c. TCP
d. UDP

A

b. ARP

7
Q

Question # 07

What type of additional attack does ARP spoofing rely on?

a. DNS Poisoning
b. replay
c. MITB
d. MAC spoofing

A

d. MAC spoofing

8
Q

Question # 08

What type of privileges to access hardware and software resources are granted to users or devices?

a. access privileges
b. user rights
c. access rights
d. permissions

A

c. access rights

9
Q

Question # 09

What language below is used to view and manipulate data that is stored in a relational database?

a. C
b. DQL
c. SQL
d. ISL

A

c. SQL

10
Q

Question # 10

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?

a. whatever AND email IS NULL; --
b. whatever; AND email IS NULL; --
c. whatever" AND email IS NULL; --
d. whatever' AND email IS NULL; --

A

d. whatever' AND email IS NULL; --

11
Q

Question # 11

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

a. Session replay
b. Session spoofing
c. Session hijacking
d. Session blocking

A

c. Session hijacking

12
Q

Question # 12

Which type of attack below is similar to a passive man-in-the-middle attack?

a. replay
b. hijacking
c. denial
d. buffer overflow

A

a. replay

13
Q

Question # 13

When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

a. HTTP
b. NSDB
c. URNS
d. DNS

A

d. DNS

14
Q

Question # 14

On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?

a. Privilege escalation
b. DNS cache poisoning
c. ARP poisoning
d. Man-in-the-middle

A

a. Privilege escalation

15
Q

Question # 15

What type of web server application attacks introduce new input to exploit a vulnerability?

a. language attacks
b. cross-site request attacks
c. hijacking attacks
d. injection attacks

A

d. injection attacks

16
Q

Question # 16

If an attacker purchases and uses a URL that is similar in spelling and looks like a well-known web site in order for the attacker to gain Web traffic to generate income, what type of attack are they using?

a. spoofing
b. URL hijacking
c. Web squatting
d. typo hijacking

A

b. URL hijacking

17
Q

Question # 17

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor?

a. pointer hack
b. DNS spoofing
c. clickjacking
d. domain hijacking

A

d. domain hijacking

18
Q

Question # 18

Where are MAC addresses stored for future reference?

a. MAC cache
b. Ethernet cache
c. ARP cache
d. NIC

A

c. ARP cache

19
Q

Question # 19

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?

a. ARP poisoning
b. man-in-the-middle
c. denial of service
d. DNS poisoning

A

a. ARP poisoning

20
Q

Question # 20

What criteria must be met for an XSS attack to occur on a specific website?

a. The website must accept user input while validating it and use that input in a response.
b. The website must accept user input without validating it and use that input in a response.
c. The website must not accept user input without validating it and use that input in a response.
d. The website must accept user input while validating it and omit that input in a response.

A

b. The website must accept user input without validating it and use that input in a response.

21
Q

Question # 21

If a MAC address is permanently “burned” into a network interface card, how can an attacker change the MAC address to perform an ARP poisoning attack?

A

A MAC address is permanently “burned” into a network interface card (NIC), so there is no means of altering the MAC address on a NIC.

However, because the MAC address is stored in a software ARP cache, it can be changed there, which would then result in the corresponding IP address pointing to a different computer.

This process allows an ARP poisoning attack to occur.

22
Q

Question # 22

What are the three areas of protection provided by IPsec?

A

Authentication, confidentiality, and key management.