Denial of Service Flashcards

1
Q

Random Scanning

A

Each compromised computer probes random addresses

2
Q

Permutation Scanning

A

All compromised computers share a common pseudo-random permutation of the IP address space

3
Q

Signpost Scanning

A

Uses the communication patterns of the compromised computer to find new targets.

4
Q

Hitlist Scanning

A

A portion of a list of targets is supplied to a compromised computer

5
Q

Subnet spoofing

A

generate random addresses within a given address space

6
Q

Random spoofing

A

generate 32-bit numbers and stamp packets with them

7
Q

Fixed spoofing

A

the spoofed address is the address of the target

8
Q

Goal of DDOS

A

take out a large computer site / app / infra with as little computing resources as possible

9
Q

What are the reasons why the UDP-based NTP protocol is particularly vulnerable to amplification attacks?

A

A small command can generate a large response

Vulnerable to source IP spoofing.

It is difficult to ensure computers communicate only with legitimate NTP servers

10
Q

Which of the following are true?

The server must reject all TCP options because the server discards the SYN queue entry

SYN cookies lead to overall slower performance

SYN cookies require modified versions

A

The server must reject all TCP options because the server discards the SYN queue entry

11
Q

With regards to a UDP flood attack, which of the following are true?

  • Attackers can spoof the IP address of their UDP packets
  • the attack can be mitigated with firewalls
  • firewalls can’t stop a flood because the firewall is susceptible to flooding
A
  • Attackers can spoof the IP address of their UDP packets
  • firewalls can’t stop a flood because the firewall is susceptible to flooding

12
Q

What is the main idea behind slowing down DOS attackers?

A

Slow down the hacker!

13
Q

What are client puzzles and what do they do?

A
  • everyone must submit a puzzle solution with requests during a DOS attack which slows down the requests
  • When there is no attack, no solution is needed
14
Q

Why is SSL/TLS handshake vulnerable to DDOS?

A

TBD

15
Q

What are client puzzles and what are they used for?

A

TBD

16
Q

Why is it recommended to use memory bound functions as problems to solve during DOS attack?

A

TBD

17
Q

Which of the following statements is true?

  • Client puzzles should be stateless
  • Puzzle complexity should increase as the strength of the attack increases
  • Client puzzles should be hard to construct. This is an indication of the level of difficulty to solve them
A

Client puzzles should be stateless

Puzzle complexity should increase as the strength of the attack increases

18
Q

Which of the following are assumptions that can be made about Traceback?

Attackers can work alone or in groups

Attackers can generate limited types of packets

Attackers are not aware of the tracing mechanism

A

Attackers can work alone or in groups

19
Q

Select all statements that are true for edge sampling:

  • Multiple attackers can be identified since edge identifies splits in reverse path
  • It’s difficult for victims to reconstruct a path to the attacker
  • Require space in the IP packet header
A

Require space in the packet header

Multiple attackers can be identified since edge identifies splits in reverse path

20
Q

What is a reflector attack?

A

Reflector Attack:
Spoofs victim’s IP and sends requests to many DNS servers
All DNS servers respond to magnify traffic to target
Victim is flooded

21
Q

Self-defense against reflector attacks should incorporate which of the following:

  • Filtering - filter DNS traffic as close to the victim as possible
  • Server redundancy - servers should be located in multiple networks and locations
  • Traffic limiting - traffic from a name server should be limited to reasonable thresholds
A

Server redundancy - servers should be located in multiple networks and locations

Traffic limiting - traffic from a name server should be limited to reasonable thresholds