Chapter 4 Network Attack Indicators

Question 1

Wireless

Answer 1

• A target for hackers.
• A common networking technology that has a substantial number of standards and processes to connect users to networks via radio signals.

Question 2

Evil Twin

Answer 2

• An attack against the wireless protocol via substitute hardware.
• Uses an access point owned by an attacker that usually has been enhanced with higher-power and higher-gain antennas.

Question 3

Rouge Access Point

Answer 3

• An attacker can attempt to get clients to connect to it as if it were authorized and then simply authenticate to the real access point.

Question 4

Bluesnarfing

Answer 4

• The attacker copies off the victim’s information, and other pertinent information on the person’s device.

Question 5

Bluejacking

Answer 5

• Sending of unauthorized messages to another Bluetooth device.

Question 6

Disassociation

Answer 6

• Attacks against a wireless system are attacks designed to disassociate a host from the wireless access point and from the wireless network.

Question 7

Jamming

Answer 7

• A form of denial of service that specifically targets the radio spectrum aspect of wireless.

Question 8

Radio Frequency Identification (RFID)

Answer 8

• RFID tags come in several different forms and can be classified as either active or passive.

Question 9

Initialization Vector (IV)

Answer 9

• Used in wireless systems as the randomization element at the beginning of a connection.
• Attacks against it are aimed at determining the IV

Question 9

Near Field Communication (NFC)

Answer 9

• Enables smartphones and other devices to establish radio communication over a short distance.

Question 10

Media Access Control (MAC) Flooding

Answer 10

• An attacker floods the table with addresses, making the switch unable to find the correct address for a packet.

Question 11

MAC Cloning

Answer 11

• The act of changing a MAC address to bypass security checks based on the MAC address.

Question 12

Domain Name System (DNS)

Answer 12

• The phone book for addressing
• Provides the correct address to get the pack destination.
• Can control where all the packets go.

Question 13

DNS Poisoning

Answer 13

• When changes to the network occur resulting in different DNS lookups.

Question 13

Domain Hijacking

Answer 13

• The act of changing the registration of a domain name without permission of its original registration.

Question 14

nslookup

Answer 14

• ## This command shows a series of DNS queries executed on a Windows machine.

Question 15

Universal Resource Locator (URL) Redirection

Answer 15

• Man in the Middle attack where all your traffic is being read and redirected.

Question 16

Domain Reputation

Answer 16

• If you do not protect your address, an attacker make associate your IP address with spam, botnets, or other bad behaviors, then the reputation of the IP address will suffer.

Question 17

Denial-of-Service (DoS) Attack

Answer 17

• The attacker attempts to deny authorized users access to specific information or to the computer system or network itself.

Question 18

Distributed Denial-of-Service (DDoS) Attack

Answer 18

• Sending so many requests that the machine is overwhelmed.

Question 19

How is a NETWORK used in a DDoS attack

Answer 19

• A network of attack agents (Zombies) is created by the attacker, and upon receiving the attack command from the attacker.

Question 20

How can applications be compromised by a DDoS attack?

Answer 20

• The objective of an application level DDoS attack is to consume all resources or to put the system into a failed state.

Question 21

Operational Technology (OT)

Answer 21

• The name given to networks of industrial devices in cyber-physical systems.
• Usually computers control physical processes.

Question 22

PowerShell

Answer 22

• A built-in command-line tool suite that has a rich set of Microsoft Windows commands.
• Completely integrated with the Windows Environment.
• Used

Question 23

Python

Answer 23

• An effective scripting tool used for good at automating tasks and data analysis.

Question 24

Bash, Bourne Again Shell

Answer 24

• An interpreter that processes shell commands on Linux system.
• Takes commands in plaintext format and calls OS services to perform the specified tasks.

Question 25

Macros

Answer 25

• Recorded sets of instructions, typically presented to an application to automate their function.
• Comes the risk in the form of unwanted macros calling the system and performing system activities.

Question 26

Visual Basic for Applications (VBA)

Answer 26

• An older technology from Microsoft that was used to automate many internal processes in applications.
• Even though this is an outdated tool, still can be used as a vector for attackers.