Comparing Common Attacks Flashcards

1
Q

What attack changes data (such as a source address or an identity) so that traffic or a message appears to come from another system or person?

A

Spoofing attack.

2
Q

DoS attacks often use what other type of attack to achieve the goal of denying service?

A

SYN flood attack: the attacker sends large numbers of TCP SYN packets (often with spoofed source addresses) and never completes the handshake, exhausting the target's table of half-open connections.

3
Q

What common attack is a form of active interception or eavesdropping?

A

Man-in-the-middle (MITM): the attacker sits between two parties and relays their traffic, reading or altering it as it passes.

4
Q

How does ARP poisoning enable man-in-the-middle and DoS attacks?

A

It enables MITM because the attacker sends forged ARP replies that map the gateway's IP address (in the victim's ARP cache) and the victim's IP address (in the gateway's ARP cache) to the attacker's MAC address, so both sides send their traffic through the attacker, who forwards it on.
It can be used for DoS by mapping the gateway's IP address to a bogus, non-existent MAC address, so the victim's outbound frames go to a station that never answers.

5
Q

What type of attack would it be if a bogus MAC address was sent out to computers claiming it was the default gateway? What would happen?

A

ARP DoS attack (ARP poisoning used for denial of service).

None of the computers can reach anything beyond the local network, because frames addressed to the default gateway are sent to a MAC address that no host answers.
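Cards 4 and 5 describe the mapping change that every form of ARP poisoning causes: an IP address that was bound to one MAC address is suddenly announced with another. The following is an added example, not part of the original flashcards, showing a minimal ARP watcher in Python that parses raw Ethernet/ARP frames and alerts on such rebinding. The frame builder is the same reply a poisoner would send; here it only produces test input. The MAC and IP addresses are constructed for the demo, and `ArpWatch` and `run_demo` are names chosen for this example.

```python
import struct

# Wire layouts for Ethernet II + ARP (RFC 826), big-endian.
ETH_HDR = struct.Struct("!6s6sH")            # dst MAC, src MAC, EtherType
ARP_BODY = struct.Struct("!HHBBH6s4s6s4s")    # htype, ptype, hlen, plen, op, sha, spa, tha, tpa
ETHERTYPE_ARP = 0x0806
ARP_REPLY = 2


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def ip4(text):
    return bytes(int(o) for o in text.split("."))


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Frame saying 'sender_ip is at sender_mac', delivered to target.
    This is exactly what a poisoner sends; here it only feeds the detector."""
    eth = ETH_HDR.pack(mac(target_mac), mac(sender_mac), ETHERTYPE_ARP)
    arp = ARP_BODY.pack(1, 0x0800, 6, 4, ARP_REPLY,
                        mac(sender_mac), ip4(sender_ip), mac(target_mac), ip4(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return (op, sender_mac, sender_ip) for an ARP frame, else None."""
    _dst, _src, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    _, _, _, _, op, sha, spa, _tha, _tpa = ARP_BODY.unpack_from(frame, ETH_HDR.size)
    return op, sha.hex(":"), ".".join(str(b) for b in spa)


class ArpWatch:
    """Flags any ARP reply that rebinds an already-known IP to a different MAC."""

    def __init__(self, pinned=None):
        # pinned: static IP->MAC bindings trusted up front (e.g. the gateway), so a
        # poisoner who speaks before the legitimate host is still caught.
        self.table = dict(pinned or {})

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != ARP_REPLY:
            return None
        _op, sender_mac, sender_ip = parsed
        known = self.table.get(sender_ip)
        if known is None:
            self.table[sender_ip] = sender_mac   # first sighting: learn it
            return None
        if known != sender_mac:                  # conflict: keep the old binding, alert
            return {"ip": sender_ip, "was": known, "now": sender_mac}
        return None


def run_demo():
    """Legitimate replies first, then the poisoner's. Returns the alerts raised."""
    gw_ip, gw_mac = "192.168.1.1", "aa:bb:cc:00:00:01"          # constructed addresses
    victim_ip, victim_mac = "192.168.1.50", "aa:bb:cc:00:00:50"
    attacker_mac = "de:ad:be:ef:00:01"
    frames = [
        build_arp_reply(gw_mac, gw_ip, victim_mac, victim_ip),               # legitimate
        build_arp_reply(victim_mac, victim_ip, gw_mac, gw_ip),               # legitimate
        build_arp_reply(attacker_mac, gw_ip, victim_mac, victim_ip),         # MITM: "gateway is at attacker"
        build_arp_reply(attacker_mac, victim_ip, gw_mac, gw_ip),             # MITM: "victim is at attacker"
        build_arp_reply("00:00:00:00:00:99", gw_ip, victim_mac, victim_ip),  # DoS: gateway -> bogus MAC
    ]
    watch = ArpWatch()
    return [alert for alert in map(watch.observe, frames) if alert]
```

Both the MITM pair and the DoS variant show up as the same kind of event, a known IP rebinding to a new MAC, which is why tools such as arpwatch and switch features such as Dynamic ARP Inspection key on exactly this. The watcher cannot tell a poisoner from a legitimately replaced NIC, so alerts need an allow-listed change process, and it only protects segments it can see.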

6
Q

How does DNS poisoning work and what’s the end result?

What can DNS servers implement to protect against these attacks?

A

It inserts forged records into a DNS resolver's cache (or a client's cache) so that a hostname resolves to an IP address of the attacker's choosing (the A/AAAA record behind the name, or a CNAME redirected to an attacker-controlled name). The end result is that users are sent to a different website while the address bar still shows the legitimate name.
DNSSEC, which signs zone data so that resolvers can verify a record was not forged, protects against DNS poisoning (resolvers also randomize source ports and transaction IDs to make forged answers harder to inject).

7
Q

Modifying the hosts file to include an entry that points a website to a different IP address than its original address is known as what?

A

Pharming (also called DNS pharming)

note - pharming is the outcome (users silently redirected to an attacker's site); DNS poisoning is one way to cause it and editing the hosts file is another, which is why the two terms are often used interchangeably

8
Q

What attack involves spoofing the source IP address as the victim's machine and sending ICMP echo requests to a broadcast address to generate lots of replies to that machine?

A

Smurf attack [DNS amplification attacks work on the same principle: small DNS queries carrying the victim's spoofed source IP are sent to open resolvers, and the much larger responses are delivered to the victim]

9
Q

Most authentication protocols encrypt or hash the what before it is sent across the network?

A

the password: either a hash of it, or a challenge-response value derived from the hash, rather than the plaintext password itself

10
Q

Which old Microsoft client authentication protocols are susceptible to pass the hash attacks? What can be used instead to eliminate the risk?

A

LAN Manager (LM) and NT LAN Manager (NTLM).

Kerberos authentication is the replacement; disabling NTLM removes the challenge-response exchange that pass-the-hash abuses. NTLMv2 is often cited as a fix but is still susceptible: every NTLM version derives the response from the NT hash, so an attacker holding the hash can answer the challenge without knowing the password. Even with Kerberos, a stolen NT hash can still be used to obtain tickets (overpass-the-hash), so protecting the stored hashes themselves (Credential Guard, the Protected Users group, no local admin reuse) matters as much as the protocol choice.
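The reason NTLM in any version is susceptible is structural: the client's proof is an HMAC keyed by the NT hash, so the hash is the credential. The following is an added example, not part of the original flashcards, showing the NTLMv2 computation from MS-NLMP (NTOWFv2 and NTProofStr) in Python with a constructed "stolen" NT hash; the password never appears, yet the server-side check passes. The `temp` blob is reduced to its fixed fields (version, timestamp, client challenge) with the target-info AV pairs omitted, and the hash value, user and domain are constructed for the demo.

```python
import hashlib
import hmac
import os
import struct
import time

# Constructed 16-byte NT hash, as if dumped from a compromised host. In real life
# NT hash = MD4(UTF-16LE(password)); the password is never needed below.
STOLEN_NT_HASH = bytes.fromhex("0123456789abcdef0123456789abcdef")


def ntowf_v2(nt_hash, user, domain):
    """MS-NLMP NTOWFv2: HMAC-MD5 keyed by the NT hash over UTF-16LE(UPPER(user) || domain)."""
    return hmac.new(nt_hash, (user.upper() + domain).encode("utf-16-le"), hashlib.md5).digest()


def make_temp(client_challenge, filetime=None):
    """Minimal NTLMv2 'temp' blob: version bytes, reserved, FILETIME, client nonce, reserved
    (target-info AV pairs omitted for the demo)."""
    if filetime is None:  # 100 ns intervals since 1601-01-01, as Windows FILETIME
        filetime = int(time.time() * 10_000_000) + 116_444_736_000_000_000
    return b"\x01\x01" + b"\x00" * 6 + struct.pack("<Q", filetime) + client_challenge + b"\x00" * 4


def client_response(nt_hash, user, domain, server_challenge, temp):
    """NTProofStr || temp. Only the NT hash is needed, which is the whole pass-the-hash point."""
    proof = hmac.new(ntowf_v2(nt_hash, user, domain), server_challenge + temp, hashlib.md5).digest()
    return proof + temp


def server_verify(stored_nt_hash, user, domain, server_challenge, response):
    """The server (or DC) recomputes NTProofStr from its own copy of the NT hash."""
    proof, temp = response[:16], response[16:]
    expected = hmac.new(ntowf_v2(stored_nt_hash, user, domain),
                        server_challenge + temp, hashlib.md5).digest()
    return hmac.compare_digest(proof, expected)


def pass_the_hash_demo(user="alice", domain="CORP"):
    """Returns (accepted_with_hash_only, rejected_with_wrong_hash, rejected_when_replayed)."""
    server_challenge = os.urandom(8)
    # Attacker holds STOLEN_NT_HASH and nothing else, and authenticates anyway.
    response = client_response(STOLEN_NT_HASH, user, domain, server_challenge,
                               make_temp(os.urandom(8)))
    accepted = server_verify(STOLEN_NT_HASH, user, domain, server_challenge, response)
    # The wrong hash fails, so the hash really is the secret being proven.
    wrong = client_response(bytes(16), user, domain, server_challenge, make_temp(os.urandom(8)))
    rejected = server_verify(STOLEN_NT_HASH, user, domain, server_challenge, wrong)
    # Replaying a captured response against a fresh challenge fails: NTLMv2 resists
    # replay, but not reuse of the hash itself.
    replayed = server_verify(STOLEN_NT_HASH, user, domain, os.urandom(8), response)
    return accepted, rejected, replayed
```

The server never learns whether the client started from a password or from a hash, so no dialect upgrade can close this; only removing the exchange (Kerberos with NTLM disabled) or keeping the hash out of attacker reach does.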

11
Q

What is a hash collision?

A

when a hashing algorithm produces the same hash value for two different inputs

12
Q

What method of modifying passwords before hashing is used to thwart which types of password attacks? How?

A

Salting. A random value (the salt) is added to each password before it is hashed and is stored alongside the hash. Rainbow table and other precomputed-hash attacks fail because the precomputed tables do not contain the salted values; and because each user gets a unique salt, two users with the same password get different hashes and an attacker must attack every account separately, which multiplies the work. Salting alone does not stop a brute-force or dictionary attack against a single account; a slow, iterated hash (bcrypt, PBKDF2, Argon2) is what slows that down.
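To make the difference concrete, here is an added example, not part of the original flashcards, in Python: an attacker's precomputed table (a rainbow table collapsed to a dictionary) recovers every unsalted hash instantly and reveals which users share a password, while per-user salts force the attacker back to re-deriving each candidate for each user. The wordlist, user database and PBKDF2 iteration count are constructed for the demo, and the function names are chosen here.

```python
import hashlib
import os

# Constructed wordlist and user database for the demo.
WORDLIST = ["password", "letmein", "123456", "qwerty", "summer2019", "welcome1"]
ITERATIONS = 5_000  # kept low so the demo runs quickly; production PBKDF2 uses far more


def unsalted_hash(password):
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password, salt, iterations=ITERATIONS):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def precompute_table(words):
    """The attacker's one-time precomputation, reusable against every unsalted database."""
    return {unsalted_hash(w): w for w in words}


def crack_with_table(stored_hash, table):
    """O(1) lookup: no hashing at attack time at all."""
    return table.get(stored_hash)


def crack_salted(stored_hash, salt, words, iterations=ITERATIONS):
    """The table is useless; each candidate is re-derived for this user's salt.
    Returns (password_or_None, number_of_derivations_performed)."""
    work = 0
    for w in words:
        work += 1
        if salted_hash(w, salt, iterations) == stored_hash:
            return w, work
    return None, work


def demo():
    users = {"alice": "letmein", "bob": "letmein", "carol": "summer2019"}
    table = precompute_table(WORDLIST)

    # Unsalted storage: one lookup per user, and alice and bob are visibly identical.
    unsalted_db = {u: unsalted_hash(p) for u, p in users.items()}
    unsalted_hits = {u: crack_with_table(h, table) for u, h in unsalted_db.items()}
    same_hash = unsalted_db["alice"] == unsalted_db["bob"]

    # Salted storage: a fresh random salt per user, stored next to the hash.
    salted_db = {u: (salt := os.urandom(16), salted_hash(p, salt)) for u, p in users.items()}
    table_hits = {u: crack_with_table(h, table) for u, (_, h) in salted_db.items()}
    differ = salted_db["alice"][1] != salted_db["bob"][1]
    per_user = {u: crack_salted(h, s, WORDLIST) for u, (s, h) in salted_db.items()}

    return {
        "unsalted_hits": unsalted_hits,
        "same_hash_unsalted": same_hash,
        "salted_table_hits": table_hits,
        "salted_hashes_differ": differ,
        "salted_cracked": {u: hit for u, (hit, _) in per_user.items()},
        "salted_work": sum(work for _, work in per_user.values()),
    }
```

The weak passwords still fall to a per-user dictionary attack in the salted case; what changed is that the attacker paid for every derivation at attack time, for every user, at whatever iteration count the defender chose.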

13
Q

What attack involves an attacker capturing authentication traffic between two computers and later resending the same data to one of them, impersonating the other machine from the earlier capture?

A

Replay attack

14
Q

Timestamps and sequence numbers thwart what type of attack? What commonly used Windows client authentication protocol uses them?

A

replay attacks

Kerberos (each authenticator carries a timestamp; the service rejects one that falls outside a short clock-skew window, five minutes by default, or that it has already seen within that window)
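Cards 13 and 14 describe the capture-and-resend attack and the two fields that defeat it. The following is an added example, not part of the original flashcards, of a Kerberos-style authenticator check in Python: a MAC-protected message carries a timestamp and a nonce, and the server enforces a freshness window plus a cache of nonces seen inside that window. The shared key, principal name and timestamps are constructed for the demo; `ReplayGuard` and `make_authenticator` are names chosen here, and HMAC-SHA256 stands in for the session-key encryption Kerberos actually uses.

```python
import hashlib
import hmac
import os
import struct

SHARED_KEY = b"constructed-demo-session-key"   # in Kerberos this would be the session key
TAG_LEN = 32
NONCE_LEN = 16
TS_LEN = 8


def make_authenticator(key, principal, now, nonce=None):
    """principal || timestamp(8, big-endian) || nonce(16) || HMAC-SHA256 over the preceding bytes."""
    nonce = nonce if nonce is not None else os.urandom(NONCE_LEN)
    body = principal.encode() + struct.pack("!Q", now) + nonce
    return body + hmac.new(key, body, hashlib.sha256).digest()


class ReplayGuard:
    """Server side: freshness window plus a cache of nonces seen within that window."""

    def __init__(self, key, window=300):
        self.key, self.window, self.seen = key, window, {}

    def accept(self, message, now):
        if len(message) < TAG_LEN + NONCE_LEN + TS_LEN:
            return "malformed"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        if not hmac.compare_digest(tag, hmac.new(self.key, body, hashlib.sha256).digest()):
            return "bad_mac"      # forged or tampered: must not touch the nonce cache
        timestamp = struct.unpack("!Q", body[-NONCE_LEN - TS_LEN:-NONCE_LEN])[0]
        nonce = body[-NONCE_LEN:]
        if abs(now - timestamp) > self.window:
            return "stale"        # outside the skew window; Kerberos defaults to 5 minutes
        # Nonces older than the window can never be accepted again, so drop them from the cache.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        if nonce in self.seen:
            return "replay"       # fresh timestamp but already used: a captured message resent
        self.seen[nonce] = timestamp
        return "ok"


def demo():
    """Returns the verdict for each message in order."""
    guard = ReplayGuard(SHARED_KEY, window=300)
    t0 = 1_700_000_000                                  # constructed epoch seconds
    msg = make_authenticator(SHARED_KEY, "alice@CORP", t0)
    results = [guard.accept(msg, t0 + 1)]               # fresh, first sighting
    results.append(guard.accept(msg, t0 + 30))          # captured and resent inside the window
    results.append(guard.accept(msg, t0 + 3600))        # resent an hour later
    tampered = bytearray(msg)
    tampered[0] ^= 0x01                                 # flip a bit of the principal
    results.append(guard.accept(bytes(tampered), t0 + 40))
    results.append(guard.accept(make_authenticator(SHARED_KEY, "alice@CORP", t0 + 40), t0 + 41))
    return results
```

Both checks are needed: the window alone leaves a few minutes in which a captured authenticator still works, and the nonce cache alone would have to grow forever. The order matters too, since verifying the MAC first keeps an attacker from filling the cache with junk.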

15
Q

In a cryptanalytic attack, when the attacker has samples of plaintext together with their corresponding ciphertext and uses them to recover the key, what is the attack known as?

A

known plaintext attack

16
Q

In a cryptanalytic attack, when the attacker can choose the plaintexts and obtain their corresponding ciphertext (for example by feeding input to the encrypting system), what is the attack known as?

A

chosen plaintext attack

17
Q

Typo URLs (typosquatting) are a form of what type of attack?

A

URL hijacking: the attacker registers common misspellings of a legitimate domain to catch users who mistype it

18
Q

Session hijacking involves an attacker stealing what from your computer and then doing what with it? What other attack is commonly used to facilitate this?

A

They steal the session ID cookie.
Websites use the cookie to recognise you after login, so whoever presents it is treated as you (including automatic log-in).
The attacker presents your session ID to the site and is logged in to your account without your password.
Cross-site scripting (XSS) is commonly used to steal session ID cookies (the HttpOnly cookie flag stops script from reading them).

19
Q

What type of attack uses a proxy Trojan horse that infects the web browser, captures keystrokes and form data, and sends them to the attacker?

A

man-in-the-browser (because it runs inside the browser, it can also alter transactions after the user has approved them and after TLS has been terminated)

20
Q

What is a shim?

A

a small piece of code inserted between an application and the operating system (or a driver) that intercepts and translates calls, so that older software that isn't compatible with the current operating system can still run; attackers abuse the same mechanism to have their own code loaded into a process

21
Q

When the internal processing of code is rewritten without changing its external behaviour, what is it called?

What is it usually done for?

A

Refactoring

It is usually done to correct problems related to software design, such as duplicated or hard-to-maintain code, and should be backed by tests showing the behaviour is unchanged

22
Q

What is a buffer?

A

a contiguous area of memory reserved by an application to hold data, such as input it is about to process

23
Q

What happens in a buffer overflow?

A

an application writes more data into a buffer than the buffer can hold (or data of a type it does not expect), and the excess overwrites adjacent memory, such as other variables, the saved return address or heap metadata, that input should never be able to touch

24
Q

A buffer overflow attack can be used to crash the system or…

A

insert malicious code into the overwritten area of memory and redirect execution to it (for example by overwriting the saved return address with the code's address).

25
Q

What type of instructions are used in buffer overflow attacks so that the processor executes them one after the other if it lands anywhere in the section of memory that contains them?

A

No Operation instructions (NOPs), placed in a long series called a NOP sled. The malicious code is added at the end of the sled, so wherever within the sled the hijacked instruction pointer lands, the processor slides down the NOPs and executes the code.

26
Q

What is a DLL and what is DLL injection?

A

A DLL (dynamic link library) is a shared library of code that other applications load and call instead of the programmer writing that code themselves.
DLL injection is an attack where a malicious DLL is loaded into a running process's memory so that the process executes the attacker's code with the process's own privileges.

27
Q

What’s the difference between a DoS and DDoS?

A

A DoS is initiated from a single computer, whereas a DDoS is initiated from many different computers (typically a botnet) and usually features sustained, abnormally high network traffic.

28
Q

What attack has the goal of misleading computers/switches about the actual MAC address of a system?

A

ARP poisoning

29
Q

What type of spoofing attack is ARP poisoning associated with?

A

ARP spoofing, which is a form of MAC address spoofing: the forged ARP replies claim that another host's IP address belongs to the attacker's MAC address (the ARP packets themselves are also often sent with a forged sender address)

30
Q

Code that attempts to store a value that needs 128 bits in a variable or memory location only 64 bits in size causes what type of error?

A

Integer overflow error: the value wraps around or is truncated instead of being stored correctly.

31
Q

An integer overflow error can cause a buffer overflow if…

A

if there is inadequate error and exception handling: when the wrapped value is then used as a length or an allocation size, the program allocates a buffer far smaller than the data it goes on to copy into it

32
Q

What do developers need to check for to avoid buffer overflows?

A

buffer boundaries: validate the length of all input against the size of the buffer before copying, and use bounds-checked functions (or memory-safe languages) where possible
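Cards 30 to 32 describe the chain from a wrapped integer to an undersized buffer and the check that breaks it. The following is an added example, not part of the original flashcards, written in Python because the rest of the added examples on this page are, with the C `uint32_t` wrap-around simulated by masking. It reads a record count from a constructed header, computes an allocation size with and without the overflow check, and reports how many bytes the copy would write past the end of the buffer instead of actually corrupting memory. The header bytes and function names are constructed for the demo.

```python
import struct

U32_MAX = 0xFFFFFFFF


def size_unchecked(count, elem_size):
    """Mimics C's `uint32_t total = count * elem_size;`, which silently wraps modulo 2**32.
    (Python integers never wrap, so the mask is what simulates the hardware behaviour.)"""
    return (count * elem_size) & U32_MAX


def size_checked(count, elem_size):
    """The boundary check: refuse any count whose product cannot be represented in 32 bits."""
    if elem_size <= 0 or count < 0 or count > U32_MAX // elem_size:
        raise OverflowError(f"{count} * {elem_size} does not fit in uint32")
    return count * elem_size


def parse_count(header):
    """Attacker-controlled 32-bit big-endian record count, as read from a network header."""
    return struct.unpack("!I", header[:4])[0]


def copy_records(header, elem_size, sizer):
    """Allocate with `sizer`, then account for writing `count` records of `elem_size` bytes.
    Returns (buffer_len, bytes_that_would_land_past_the_end)."""
    count = parse_count(header)
    buffer_len = sizer(count, elem_size)          # what malloc() would be asked for
    needed = count * elem_size                    # what the copy loop actually writes
    return buffer_len, max(0, needed - buffer_len)


def demo():
    """Returns ((benign_len, spill), (wrapped_len, spill), checked_version_raised)."""
    benign_header = b"\x00\x00\x00\x0a"           # constructed: count = 10
    hostile_header = b"\x40\x00\x00\x01"          # constructed: count = 0x40000001
    benign = copy_records(benign_header, 4, size_unchecked)
    wrapped = copy_records(hostile_header, 4, size_unchecked)   # 0x100000004 & U32_MAX == 4
    try:
        copy_records(hostile_header, 4, size_checked)
        caught = False
    except OverflowError:
        caught = True
    return benign, wrapped, caught
```

The hostile count times four overflows to exactly 4, so the unchecked version allocates a 4-byte buffer and then tries to copy four gigabytes into it; the checked version rejects the count before any allocation. In C the equivalent check is `count > SIZE_MAX / elem_size` (or a checked-multiply builtin) before the `malloc`.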

33
Q

What stores a reference to (the memory address of) something in programming languages? What do they save the application module from doing?

A

pointers (pointer references).

they save it from copying an entire data array when handing it to another function or module; only the address is passed

34
Q

What attack is the instruction 0x90 used for?

A

0x90 is the NOP instruction on x86 processors; long runs of it form the NOP sled in a buffer overflow attack.
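Cards 25 and 34 both come down to the same byte pattern: a long run of 0x90 with code at the end. The following is an added example, not part of the original flashcards, in Python: a sled builder that shows the payload layout, and the scanner an IDS or a memory forensics script would use to find such runs. The "shellcode" is a constructed placeholder of `int3` breakpoint bytes, not real shellcode, and the sample byte strings and the run-length threshold are chosen for the demo.

```python
NOP = 0x90   # x86 one-byte NOP (xchg eax, eax)


def build_payload(sled_len, code):
    """Sled followed by code: wherever the hijacked instruction pointer lands inside the
    sled, execution slides forward one NOP at a time until it reaches `code`."""
    return bytes([NOP]) * sled_len + code


def find_nop_sleds(data, min_run=16):
    """Return [(offset, length)] for every run of 0x90 at least `min_run` bytes long."""
    sleds, i, n = [], 0, len(data)
    while i < n:
        if data[i] != NOP:
            i += 1
            continue
        start = i
        while i < n and data[i] == NOP:
            i += 1
        if i - start >= min_run:
            sleds.append((start, i - start))
    return sleds


PLACEHOLDER_CODE = b"\xcc" * 8   # constructed stand-in (int3 breakpoints), not real shellcode


def demo(min_run=16):
    """Scan an attack payload and a benign function body. Returns both results."""
    payload = build_payload(64, PLACEHOLDER_CODE)
    # Constructed benign x86 bytes: push rbp; mov rbp, rsp; three alignment NOPs; ret.
    benign = b"\x55\x48\x89\xe5\x90\x90\x90\xc3"
    return find_nop_sleds(payload, min_run), find_nop_sleds(benign, min_run)
```

Compilers emit short NOP runs for alignment, which is why the scanner needs a minimum run length rather than flagging every 0x90. The threshold is also the scanner's weakness: an attacker can build a sled from other one-byte instructions that are harmless to execute, so a 0x90 signature catches only the textbook case.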