Chapter 7 Flashcards

DoS attacks

1
Q

Denial of service attack

A

an action that prevents authorized use of networks, systems, or applications by exhausting their resources

2
Q

categories of resources attacked

A
  1. network bandwidth - the capacity of the network links connecting the server to the internet
  2. system resources - aims to overload the network-handling software on the target system
  3. application resources - involves a number of valid requests, each of which consumes significant resources, limiting the ability of the server to respond to requests from other users

3
Q

types of attacks

A
  1. flooding ping command - overwhelms the capacity of the network connection to the target organization
  2. SYN spoofing - attacks the ability of a server to respond to new connection requests by overflowing the tables used to manage them
  3. flooding attacks - classified by the network protocol used (ICMP flood - ICMP echo requests; UDP flood - UDP packets to a port number; TCP SYN flood - TCP packets to the target); the total number of packets is the aim of the attack rather than exploiting system code

4
Q

DDoS

A

uses multiple systems to generate the attack (a botnet)

5
Q

HTTP attacks

A
  1. HTTP flood - bombards web servers with HTTP requests
  2. Slowloris - attempts to monopolize all available request-handling threads on the web server by sending HTTP requests that never complete

6
Q

Reflection attacks

A

the attacker sends packets to a known service on an intermediary with the spoofed source address of the actual target system

7
Q

backscatter traffic

A

advertise routes to unused IP addresses and monitor the responses arriving there to observe attack traffic

8
Q

DNS amplification attacks

A

use packets directed at a legitimate DNS server as the intermediary system; the attacker creates a series of DNS requests containing the spoofed source address of the target system

9
Q

basic defence

A

prevent the use of spoofed source addresses

10
Q

DoS attack defence: prevention and pre-emption

A
  1. block spoofed source addresses
  2. apply filters before traffic leaves the ISP to check the claimed source address
  3. use modified TCP connection-handling code (encode critical information in a cookie and respond with an ACK packet whose initial sequence number carries the cookie); drop entries for incomplete TCP connections when the table overflows
  4. block IP directed broadcasts
  5. block suspicious services and combinations
  6. manage application attacks with a form of graphical puzzle
  7. good general system security practices
  8. use mirrored and replicated servers when high performance is required

11
Q

responding to DoS attacks

A

anti-spoofing and rate-limiting filters
1. identify the type of attack - capture packets
2. have the ISP trace the packet flow back to its source - for legal action
3. implement contingency plans - switch servers
4. update the incident response plan

12
Q

good incident response plan

A
  1. details on how to contact the ISP's technical personnel
  2. impose traffic filtering upstream
  3. details on how to respond to the attack
