Chapter 14: Network Threats and Attacks Flashcards
Understand Network Threats and Attacks
{Blank} (or Malicious software) is one of the most significant threats to computer security. These objects infect computer systems and then perform some type of evil action: possibly stealing information, damaging data, or otherwise disrupting normal use of the system.
Malware
What two components does malware have?
- Propagation mechanism
- A payload
The {blank} is how the malware spreads from one system to another.
Propagation mechanism
The {blank} is the malicious action that the malware performs.
Payload
{Blank} spread between systems after a user action.
Viruses
{Blank} spread under their own power.
Worms
{Blank} pose as beneficial software with a hidden malicious effect.
Trojan Horses
On-path attacks take eavesdropping to the next level by inserting an attacker in between the client and the server.
What are the two types of on-path attacks?
- Man-in-the-Middle (MitM)
- Man-in-the-Browser (MitB)
In a {blank} attack, the attacker tricks the sending system into communicating with the attacker, rather than the intended server. The user authenticates to the fake server set up by the attacker, and the attacker acts as a relay and can view all the communications that take place between the client and the server.
Man-in-the-Middle (MitM)
The {blank} attack is a variation on the man-in-the-middle attack, where the attacker compromises the user’s web browser or browser plugin or extension to gain access to web communication. The major difference is that the attacker isn’t present on a different network device from the user and server. The attacker is actually present on the user’s computer.
Man-in-the-Browser (MitB)
{Blank} attacks send unwanted traffic from a single attacker system to a victim server, overwhelming it with requests.
Denial-of-Service (DoS)
{Blank} attacks use a botnet to send the traffic from many different sources.
Distributed Denial-of-Service (DDoS)
Kim is the system administrator for a small business network that is experiencing security problems. She is in the office one evening working on the problem, and nobody else is there. As she is watching, she can see that systems on the other side of the office that were previously behaving normally are now exhibiting signs of infection one after the other. Which type of malware is Kim likely dealing with?
A. Virus
B. Worm
C. Trojan Horse
D. Logic bomb
Worm
Which one of the following statements about denial-of-service (DoS) attacks is incorrect?
A. They originate from many different sources.
B. They can disrupt the availability of systems.
C. They require large amounts of bandwidth.
D. They are easily detectible.
They originate from many different sources.