Chapter 4 Network Attack Indicators

Question 1

What is an Evil Twin Attack?

Answer 1

An attack against the wireless protocol via substitute hardware. The attack uses an access point owned by an attacker that usually has been enhanced with high-power and higher-gain antennas to look like a better connection to the users and compuuters attaching to it.

Question 2

What is a Rouge Access Point?

Answer 2

An Access Point that is usually placed on an internal network either by accident or for nefarious reasons.

Question 3

What is Bluesnarfing?

Answer 3

Copying off the victims info such as e-mails, contact lists, calendars, and anything else that exists on that device

Question 4

What is Bluejacking?

Answer 4

Sending unauthorized messages to another Bluetooth device

Question 5

What is Disassociation Attacks?

Answer 5

Attacks against a wireless system designed to disassociate a host from the wireless access point and from the wireless network

Question 6

What is Jamming?

Answer 6

A form of denial of service that specifically targets the radio spectrum aspect of wireless

Question 7

What is Radio Frequency Identification (RFID) tags

Answer 7

Tags used to identify someone via radio frequency

Question 8

What is Near Field Communications (NFC)?

Answer 8

A set of wireless tech that enable smartphones and other devices to establish radio communication over a short distance around 10 cm

Question 9

What is a Initialization Vector (IV)?

Answer 9

Used in wireless systems as the randomization element at the beginning of a connection

Question 10

What is the Man in the browser (MITB) attack?

Answer 10

A varient of a man in the middle attack, The first element is a malware attack that places a trojan element that can act as a proxy on the target machine. When a user enters info like entering a financial transaction, the malware takes that information after input and then changes it to performs another transaction

Question 11

What is Address Resolution Protocol (ARP) Poisoning?

Answer 11

When an attacker sends messages, corrupts the ARP table, and causes packets to be misrouted

Question 12

What is MAC flooding?

Answer 12

An attack where an attacker floods the table with addresses, making the switch unable to find the correct address for a packet

Question 13

What is MAC cloning?

Answer 13

The act of changing a MAC address to bypass security checks based on the MAC address

Question 14

What is Domain Hijacking?

Answer 14

The act of changing the registration of a domain name without the permission of its original registrant

Question 15

What is DNS poisoning?

Answer 15

An attacker changes a DNS record through any of a multitude of means

Question 16

What is a Universal Resource Locator (URL) Redirection?

Answer 16

a vulnerability which allows an attacker to force users of your application to an untrusted external site.

Question 17

What is a Distributed Denial-of-service (DDoS) attack?

Answer 17

An attacker attempts to deny authorized users access either to specific information or to the computer system or network itself

Question 18

What is a SYN flood attack?

Answer 18

The attacker sends fake communication requests to the targeted system. Which will be answered by the target system, then waits for the third part of the handshake which never come. With enough of them it can crash the system

Question 19

What are Operational Technology (OT)?

Answer 19

Networks of industrial devices in cyber physical systems, These devices control physical processes like traffic lights, to refineries, and manufacturing plants

Question 20

What is powershell?

Answer 20

A built-in command line tool suite that has a set of Windows commands

Question 21

What are Macros?

Answer 21

Recorded sets of instructions, typically presented to an application to automate their function

Question 22

Visual Basic for Applications (VBA) is a type of what?

Answer 22

Macro