Chapter 4: Network Connectivity Flashcards

1
Q

In which attack does the attacker send a TCP packet with all flags set, which is never used in routing communication?

A

XMAS attack

2
Q

In which attack does the attacker send a routine packet to a network service, such as a connection request, and see what information is returned? The goal is to see the software and protocol versions supported, along with other information.

A

Banner grabbing

3
Q

Which spoofing technique alters the source IP address, often to impersonate another device on the network?

A

IP Spoofing

4
Q

Which spoofing technique alters the MAC address, sometimes to impersonate a specific device, and is only useful on the local network?

A

MAC Spoofing

5
Q

Which MAC spoofing attack alters the MAC address to specifically impersonate another device and is only useful on the local network?

A

MAC cloning

6
Q

Which MAC spoofing attack is used to compromise a switch by overwriting its MAC table cache? It involves spoofing many source MAC addresses.

A

MAC flooding

7
Q

Which spoofing attack is often used in phishing attacks?

A

E-mail spoofing

8
Q

Which spoofing attack is common in vishing attacks?

A

Caller ID spoofing

9
Q

Which redirection attack uses spoofed ARP messages to alter the ARP cache of a target host or switch, associating a given IP address with a physical device of the attacker’s choice? It only works on local network segments.

A

ARP poisoning

10
Q

Which redirection attack compromises or impersonates a DNS server to modify the DNS cache of a target host or DNS server? Typically used to associate a legitimate host or domain name with an IP address of the attacker’s choice.

A

DNS poisoning

11
Q

Which redirection attack uses compromised or insecure pages manipulated by an attacker which can redirect users to malicious sites? These attacks are usually accomplished with malicious server-side scripts.

A

URL redirection

12
Q

In which DNS poisoning attack does the attacker redirect traffic for a legitimate website to a malicious imitator? Like phishing, the attacker uses the site to distribute malware or harvest sensitive information.

A

Pharming

13
Q

In which redirection attack does the attacker quickly re-register an expired domain?

A

Domain hijacking

14
Q

In which redirection attack does the attacker compromise the VLAN protocol to divert traffic across VLANs?

A

VLAN hopping

15
Q

Which 2 packet types cause a DoS by confusing a host and causing undesired behavior?

A

oversized packets and malformed packets

16
Q

Which DoS variant abuses the TCP connection by sending a constant stream of SYN packets used to open connections, but never responding?

A

SYN flood

17
Q

Which password cracking technique tries every possible password in order until the right one is found?

A

Brute force

18
Q

Which password cracking technique uses lists such as dictionaries or common passwords?

A

Dictionary attacks

19
Q

Which password cracking technique targets many different usernames on the same system at one time using common passwords?

A

Password spraying

20
Q

Which dictionary attack is based on stolen usernames and password pairs from another compromised system?

A

Credential stuffing

21
Q

Which hash cracking technique exploits hash collisions in weaker hashing and digital signature algorithms?

A

Birthday attacks

22
Q

Which hash cracking tool uses a pre-computed table?

A

Rainbow table

23
Q

Which hash cracking technique steals the hash and then presents the stolen hash to access resources?

A

Pass the hash

24
Q

Which On-path/MiTM attack intercepts data transmissions, especially those with authentication credentials or encryption key exchanges, then delays or resends them?

A

Replay attack

25
Which On-path/MiTM attack is a replay attack targeting secure websites using a stolen session ID?
Session replay
26
In which On-path/MiTM attack does the attacker take over the session immediately after the client logs in?
Session hijacking
27
In which On-path/MiTM attack does the attacker communicate with the client over either HTTP or HTTPS via a fraudulent certificate, and then establish an HTTPS connection to the server?
SSL stripping
28
Which On-path/MiTM attack uses an infected browser?
Browser based
29
Which technique uses a wireless sniffer and searches an area for wireless hotspots?
Wireless reconnaissance
30
In wireless attacks, when is PSK vulnerable?
when the password is weak
31
Are WEP and WPS considered secure?
No
32
WPA and WPA2 support two encryption modes, TKIP and AES. Which of the two is considered secure?
AES
33
Which attack has a rogue access point with the same SSID and security settings as the legitimate AP?
Evil Twin
34
Which attack sends a packet with a spoofed address that de-authenticates a client from a Wi-Fi network? This can be used as a DoS, or as part of an Evil Twin attack.
Disassociation
35
Which Bluetooth vulnerability involves sending unsolicited messages to a Bluetooth device?
Bluejacking
36
Which Bluetooth vulnerability involves stealing or compromising data on a device, typically by pairing without the owner's knowledge?
Bluesnarfing
37
Which mobile technology is intended for payment and authentication systems at close range, and is therefore a target of attackers?
Near-Field Communication (NFC)
38
Which technology has more range than NFC, and typically has fewer security features?
Radio Frequency Identification (RFID)
39
Which switch security feature tracks MAC addresses against switch ports?
Port security
40
Which switch security feature prevents rogue DHCP servers?
DHCP snooping
41
Which switch security feature prevents loops by detecting and disabling redundant connections? It uses Spanning Tree Protocol (STP).
Loop protection
42
Which switch security feature prevents loops by disabling a port when it receives a bridge protocol data unit from another switch?
BPDU guard
43
Which switch security feature disables STP on a specific port by preventing it from sending or receiving BPDUs?
BPDU filter
44
Which switch security feature prevents a specific port from being selected as a root port?
Root guard
45
Which switch security feature adds additional checks to loop prevention by preventing switching loops caused by unidirectional links?
Loop guard
46
Which attack is prevented with a switch security feature that adds rate limiting features for broadcast or multicast traffic?
Broadcast storm
47
Which switch security feature protects against SYN floods and similar attacks by enforcing a rate limit on communications that shouldn't be a significant part of network traffic?
Flood guard
48
Which switch security feature is defined in IEEE 802.1AE and adds authentication and encryption to Layer 2 protocols over Ethernet such as ARP and DHCP? This can prevent many snooping, impersonation and DoS techniques.
MACsec
49
Which filtering technique looks at each packet in isolation?
stateless filtering
50
Which filtering technique inspects source and destination headers, and possibly some other TCP or UDP data, to determine whether the traffic is a new communication session or a continuation of an existing one? It keeps track of ongoing conversations in a state table.
Stateful filtering. Also known as stateful packet inspection.
51
Which filtering technique involves application firewalls that are context-aware or application-aware because they monitor not only traffic and sessions, but also the context information is transmitted in and the applications being used?
Deep Packet Inspection (DPI)
52
Which hardware attack can read ID cards and produce a working facsimile?
Card cloning
53
What device attaches to ATMs, looking to an unwary user like a normal part of the machine? In truth, it simply captures the user’s card information and PIN.
Skimmer