Chapter 1.4 - Network Attacks

Question 1

Evil Twin

Answer 1

Access point that looks like an existing network
Wireless version of phishing

Question 2

Rogue Access Point

Answer 2

Unauthorized wireless access point
Not necessarily malicious
Potential backdoor

Question 3

Bluesnarfing

Answer 3

Access a Bluetooth device and transfer data
Examples: contact list, calendar, emails, pictures, videos, etc.

Question 4

Bluejacking

Answer 4

Sending unsolicited messages to another device via Bluetooth

Question 5

Disassociation

Answer 5

Cyberattack where a hacker forces a device to lose internet connectivity either temporarily or for an extended time
Wireless DoS attack

Question 6

Jamming

Answer 6

Prevent wireless communication by transmitting interfering wireless signals
DoS
Could be accidental: microwaves, lights, etc.

Question 7

Radio Frequency Identification (RFID)

Answer 7

Electromagnetic fields to automatically identify and track tags attached to objects
Examples: access badges, pet/ animal identification, etc.

Question 8

Near-field Communication (NFC)

Answer 8

Set of communication protocols that enables communication between two electronic devices over a short distance

Question 9

Initialization Vector (IV)

Answer 9

A type of nonce
Used for randomizing an encryption scheme
Examples: encryption ciphers, WEP, SSL implementations

Question 10

On-Path Network Attack (man-in-the-middle attack/ main-in-the-browser attack)

Answer 10

When an aggressor sits in the center between two stations and can catch, and sometimes, change that data that is being sent intelligently across the organization

Question 11

Address Resolution Protocol (ARP) Poisoning

Answer 11

A form of spoofing attack that hackers use to intercept data
Used by attacker in an on-path attack

Question 12

Media Access Control (MAC) Flooding

Answer 12

The flooding of MAC addresses in the MAC table forcing out the legitimate MAC addresses
Switch begins flooding traffic to all interfaces
Switch turns into a hub and all traffic is transmitted to all interfaces

Question 13

MAC Cloning

Answer 13

Attacker changes their MAC address to match the MAC address of an existing device

Question 14

Domain Hijacking

Answer 14

Getting access to the domain registration letting you have control where the traffic goes

Question 15

DNS Poisoning

Answer 15

When fake information is entered into the cache of a domain name server, resulting in DNS queries producing an incorrect reply, sending users to the wrong website

Question 16

Uniform Resource Locator (URL) Redirection

Answer 16

Vulnerability which allows an attacker to force users of your application to an untrusted external site
Click a link and get sent to a malicious site

Question 17

Domain Reputation

Answer 17

The health or condition of your branded domain
Example: email - might not be able to send or receive emails

Question 18

Domain Name System

Answer 18

The system by which internet domain names and addresses are tracked and regulated

Question 19

Distributed Denial-of-service (DDoS)

Answer 19

An army of computer to overload and bring down a service
Use all bandwidth or resources

Question 20

Application DoS

Answer 20

Making an application break or work harder
Examples: fill disk space, overuse of resources, increase response time

Question 21

Operational Technology (OT) DoS

Answer 21

Overload the hardware and software for industrial equipment
Examples: Power grids, traffic lights, etc.

Question 22

PowerShell (Malicious Code)

Answer 22

Attacks windows systems by accessing domains and files
.ps1 file extension

Question 23

Python (Malicious Code)

Answer 23

Attacks infrastructure (routers, switches, servers) and used for cloud orchestration
.py file extension

Question 24

Bash (Malicious Code)

Answer 24

Used in shell script to attack the Linux/ Unix environment (web, database, etc.)
.sh file extension

Question 25

Macros (Malicious Code)

Answer 25

Use to automate functions and make application easier to use
Attackers create automated exploits by the user opening the file and have the macro run

Question 26

Visual Basic for Applications (VBA) (Malicious Code)

Answer 26

Automates processes within Windows applications
CVE-2010-0815 / MS10-031 - Allows arbitrary code embedded in a document to run

Question 27

On-Path Browser Attack

Answer 27

An aggressor is on the same computer as the victim using malware that takes information from victim

Question 28

Denial of Service

Answer 28

Overload a service and force it to fail