Chapter 14 Flashcards

1
Q

What does a Denial of Service Attack Do?

A

Prevents the user from accessing the network or its resources. p. 474

2
Q

Name some Denial of Service Attacks.

A

The ping of death, unreachable gateway, Distributed DoS, Friendly DoS, physical attack, Permanent DoS, Smurf, SYN Flood, Stacheldraht, Reflective/Amplified attacks, ARP Cache Poisoning, Packet/Protocol abuse. p. 474-480

3
Q

Describe the Ping of Death.

A

A lot of ICMP packets are sent to a remote host victim. This overwhelms the victim's buffer. p. 474

4
Q

Why would an attacker make a host’s default gateway unreachable?

A

To get the host to change their gateway address to an address controlled by the attacker. p. 474

5
Q

Define Botnet.

A

In a distributed DoS, a group of people combine efforts to accomplish an attack. p. 475

6
Q

True or false: A Phlashing Denial of Service attacks the firmware located in many systems.

A

True

7
Q

What is a smurf?

A

It's an attack that floods its victim with spoofed broadcast ping messages. p. 477

8
Q

Describe what happens during a SYN Flood.

A

A DoS attack that floods the receiving machine with lots of packets that cause the victim to waste resources by holding connections open. p. 478

9
Q

What does Stacheldraht mean?

A

It's “barbed wire” in German. It incorporates TFN and adds encryption. p. 478

10
Q

What protocols does a Reflective/Amplified Attack use to attack a victim?

A

DNS and NTP. p. 478

11
Q

How does a DNS amplification attack work?

A

The attacker delivers traffic to the victim by reflecting it off a third party. p. 479

12
Q

How does an NTP attack differ from a DNS attack?

A

Instead of the attacks being reflected from DNS servers, they are reflected from NTP servers. p. 479

13
Q

How is ARP cache poisoning accomplished?

A

By pinging a device with a spoofed IP address. p. 480

14
Q

How is Packet/Protocol Abuse accomplished?

A

By concealing one protocol within another. This allows it to get past a firewall. p. 480

15
Q

Define Spoofing.

A

Changing a source IP address so that one computer appears to be a different computer. p. 481

16
Q

Describe a Brute force attack.

A

Trying to guess every password. p. 482

17
Q

What are some ways that session hijacking may be accomplished?

A

Session Fixation
Session Sidejacking
Cross Site Scripting p. 482

18
Q

Define Session Fixation.

A

An attacker sends a link to the victim. When the user connects, the attacker waits for the user to authenticate and then takes over the session by disconnecting the user and using the session ID he set in the beginning to attack. p. 482

19
Q

Define Session Sidejacking.

A

The attacker uses a sniffer to steal a session cookie from the user (or steals the session key from the computer’s memory). p. 482

20
Q

Define Cross Site Scripting.

A

The attacker uses the user’s computer to run code on the site that may allow him to obtain the cookie. The attacker does this by putting malware on the victim’s computer. The malware runs the code on the site after the user authenticates to the site. p. 482

21
Q

True or False: VLANs are layer 1 subdivisions of the ports in a single switch.

A

False (they are layer 2) p. 482

22
Q

True or false: RADIUS is an example of Authentication.

A

True p. 483

23
Q

What key trait of viruses allows them to affect many users?

A

They can replicate to other computers when someone clicks on a link. p. 484

24
Q

How can you mitigate the effects of a worm?

A

Place limits on sharing, writing and executing programs. p. 485

25
Q

True or false: Mac operating systems are immune to viruses.

A

False