Denial of Service Attacks Flashcards

1
Q

Describe

Denial of Service (DoS)

DoS

A

Prevents users from using certain services

2
Q

Two types of DoS Attacks

DoS

A

Program Flaw and Resource Exhaustion

3
Q

Describe

DoS Attack: Program Flaw

DoS

A

Input that crashes target application/system

4
Q

Defenses against DoS Attack: Program Flaw

DoS

A
  • Careful programming
  • Authentication
  • Authorization
  • Least privilege
  • Testing/review
  • Behavior of other defenses
5
Q

Defenses against DoS Attack: Resource Exhaustion

DoS

A
  • Reliable authentication
  • Quota allocation
  • Isolation
6
Q

Describe

DoS Attack: Resource Exhaustion

DoS

A

Requesting significant amounts of computing resources (i.e. CPU, memory, disk, network connections)

7
Q

Describe

Network DoS Attacks

DoS

A

Pulls the machine off the Internet by increasing traffic until it is isolated

8
Q

What makes Network DoS Attacks possible?

DoS

A

The Internet lacks isolation between the traffic of different users

9
Q

Cost of Network DoS Attacks

DoS

A
  • Bandwidth = bottleneck link of target connection (requires distributed DoS attacks and amplification)
  • Packet sending rate = bottleneck router
10
Q

Two types of DNS DoS Attacks

DoS

A

Reflection and DYN Attacks

11
Q

Describe

Reflection DNS DoS Attacks

DoS

A

Spoofs a large number of DNS requests so they appear to come from the victim, for bandwidth amplification

12
Q

Describe

DYN DNS DoS Attacks

DoS

A

Floods DNS with DNS queries

13
Q

Describe

Application DoS

DoS

A

Sends application payload to attack availability at application layer

14
Q

What does Application DoS bypass?

DoS

A

Network-layer defenses

15
Q

Defenses against Application DoS

DoS

A
  • Authentication + isolation
  • Distributed services
16
Q

Ways to Mitigate Lack of Inbound Traffic Control

DoS

A
  • Ingress Filtering
  • Client Challenges
  • Source Identification
17
Q

Describe

Ingress Filtering

DoS

A

Ensures packets are from desired origin (drops datagrams without legit source IP addresses)

18
Q

Limitation to Ingress Filtering

DoS

A

Requires reliance and cooperation between Internet Service Providers (ISP)

19
Q

Describe

Client Challenges

DoS

A

Forces the client to put in effort after its request, through puzzles or CAPTCHAs

20
Q

Limitations to Client Challenges

DoS

A
  • Changes client and servers
  • Hurts low power legit clients
21
Q

Describe

Source Identification

DoS

A

Traces back to the original source using updated router marks in the packet info, under the assumptions that packets arrived over stable paths and that the routers were not compromised

22
Q

Two ways to execute Source Identification

DoS

A
  1. Datagram carries link info
  2. Datagram information is stored into 1 fixed datagram based on statistics/probability