Chapter 14 - Network Threats and Mitigation

Question 1

it prevents users from accessing the
network and/or its resources.

Answer 1

Denial of Service (DoS)

Question 2

used to see whether a computer is responding to IP requests.

Answer 2

The Ping of Death

Question 3

version of a DoS attack that floods its victim with spoofed broadcast ping messages.

Answer 3

Smurf

Question 4

DoS attack that inundates the receiving machine with
lots of meaning-less packets.

Answer 4

SYN Flood

Question 5

they initiate synchronized DoS attacks from multiple sources and
can target multiple devices.

Answer 5

Tribe Flood Network (TFN) and Tribe Flood Network 2000 (TFN2K)

Question 6

are basically little programs that can display a
message, delete files, or even send out huge amounts of meaningless data over a network to block legitimate messages.

Answer 6

Viruses

Question 7

do their damage by replacing some or all of the
targetprogram’s code with their own. Executable on files ending in
.COM, .EXE, and .DLL.

Answer 7

File Viruses

Question 8

automatically carry out tasks without requiring a

user to initiate them, usually harmless. (i.e. Visual Basic macro-
scripting)

Answer 8

Macro Viruses

Question 9

overwrite your boot sector, making it
appear as if there’s no pointer to your operating system. Missing
Operating System or Hard Disk Not Found error message.

Answer 9

Boot-Sector Viruses

Question 10

affects both the boot sector and files (i.e.Anthrax and Tequila)

Answer 10

Multipartite Viruses

Question 11

fake source address packets.

Answer 11

IP Spoofing

Question 12

holes in software that’s running on our
servers.

Answer 12

Application-Layer Attacks

Question 13

miniature programs contain viruses, or snoop, or spyware programs.

Answer 13

Active-X Attacks

Question 14

a rootkit to probe, scan, and then capture data.

Answer 14

Autorooters

Question 15

hacker can use their previously placed inroads into a
specific host or a network whenever they want to.

Answer 15

Backdoors

Question 16

Hackers gather info on a network
before attacking.

Answer 16

Network Reconnaissance

Question 17

capture network traffic, including sensitive data
like passwords.

Answer 17

Packet Sniffers

Question 18

Hackers use various methods to steal
passwords.

Answer 18

Password Attacks

Question 19

tries every possible password to gain
access.

Answer 19

Brute-Force Attacks

Question 20

redirect network traffic to a
compromised system, bypassing firewalls.

Answer 20

Port-Redirection Attacks

Question 21

exploit internal network trust to
access sensitive systems.

Answer 21

Trust-Exploitation Attacks

Question 22

Intercepted data is read by a third
party during transmission.

Answer 22

Man-in-the-Middle Attacks

Question 23

a lot like viruses—only worse, can actively replicate
without requiring you to do anything like open an infected file.

Answer 23

Worms

Question 24

are unauthorized wireless networks set up within a secure network. These can be accidental or intentional. They pose a serious security risk, especially for man-in-the-middle attacks.

Answer 24

Rogue Access Points

Question 25

is when Hackers often trick users into revealing sensitive information. Common tactics include fake emails, phone calls, or in-person interactions. These attacks relyon deception and exploit trust to steal personal data.

Answer 25

Social Engineering (Phishing)

Question 26

# MITIGATION TECHNIQUES involves constantly scanning the network for possible break-ins. Special network software like Cisco’s NetRanger offers real-time intrusion detection.

Answer 26

Active Detection

Question 27

Involves logging all network events to a file. This provides historical data that can be accessed for later review and analysis.

Answer 27

Passive Detection

Question 28

Focuses on preventing breaches in ecurity through solid research and maintenance by being udated on any known vulnerabilities and applying patches to them accordingly. It also involves the use of tools to identify and fix said security holes before they can be exploited.

Answer 28

Proactive Detection

Question 29

A company should have written policies to effectively enable security on their computer networks.

Answer 29

Policies and Procedures

Question 30

should precisely define how security is to be implemented within an organization and include physical security, document security, and network security.

Answer 30

Security Policies

Question 31

# Security Policies a thorough examination of your network that includes testing all its components to make sure everything is secure.

Answer 31

Security Audit

Question 32

# Security Policies requiring that all potentially important documents like books, schematics, confidential letters, notes to self, and so on are not left out in the open when someone is away from their desk.

Answer 32

Clean-Desk Policy

Question 33

# Security Policies like tape recorders, cell phones, and small- memory devices like, that can contain sensitive, confidential information should prohibit their unauthorized presence and use.

Answer 33

Recording Equipment