Chapter 4: Network Connectivity Flashcards
In which attack does the attacker send a TCP packet with all flags set, which is never used in routing communication?
XMAS attack
In which attack does the attacker send a routine packet to a network service, such as a connection request, and see what information is returned. The goal is to see the software and protocol versions supported, along with other information?
Banner grabbing
Which spoofing technique alters the source IP address which is often used to impersonate another device on the network?
IP Spoofing
Which spoofing technique alters the MAC address, sometimes to impersonate a specific device, and is only useful on the local network?
MAC Spoofing
Which MAC spoofing attack alters the MAC address to specifically impersonate another device and is only useful on the local network?
MAC cloning
Which MAC spoofing attack is used to compromise a switch by overwriting it’s MAC table cache. It involves spoofing many source MAC addresses?
MAC flooding
Which spoofing attack is often used in phishing attacks?
E-mail spoofing
Which spoofing attack is common in vishing attacks?
Caller ID spoofing
Which redirection attack uses spoofed ARP messages to alter the ARP cache of a target host or switch, associating a given IP address with a physical device of the attackers choice? It only works on local network segments.
ARP poisoning
Which redirection attack compromises or impersonates a DNS server to modify the DNS cache of a target host or DNS server? Typically used to associate a legitimate host or domain name with an IP address of the attacker’s choice.
DNS poisoning
Which redirection attack uses compromised or insecure pages manipulated by an attacker which can redirect users to malicious sites? These attacks are usually accomplished with malicious server-side scripts.
URL redirection
In which DNS poisoning attack does the attacker redirect traffic for a legitimate website to a malicious imitator. Like phishing, the attacker uses the site to distribute malware or harvest sensitive information.
Pharming
In which redirection attack does the attacker quickly re-register an expired domain
Domain hijacking
In which redirection attack does the attack compromise the VLAN protocol to allow the attacker to divert traffic across VLANs?
VLAN hopping
Which 2 packet types causes a DoS by confusing a host and causing undesired behavior?
oversized packets and malformed packets
Which DoS variant abuses the TCP connection by sending a constant stream of SYN packets used to open connections, but never responds?
SYN flood
Which password cracking technique tries every possible password in order until the right one is found?
Brute force
Which password cracking technique uses lists such as dictionaries or common passwords?
Dictionary attacks
Which password cracking technique targets many different usernames on the same system at one time using common passwords?
Password spraying
Which dictionary attack is based on stolen usernames and password pairs from another compromised system?
Credential stuffing
Which hash cracking technique exploits hash collisions in weaker hashing and digital signature algorithms?
Birthday attacks
Which hash cracking tool uses a pre-computed table?
Rainbow table
Which hash cracking technique steals the hash and then presents the stolen hash to access resources?
Pass the hash
Which On-path/MiTM attack intercepts data transmissions, especially those with authentication credentials or encryption key exchanges, then delays or resends them?
Replay attack
