Lecture 3 HW Flashcards
What category of malware is known for its ability to spread autonomously across networks by exploiting vulnerabilities?
Worm
What is the primary function of a firewall in network security?
To monitor and analyze network traffic for security purposes
What is IP Spoofing?
It’s an attack where the attacker changes the source IP address to impersonate a different computer.
In IP Spoofing, what does the attacker do?
Changes their own IP address to the spoofed address.
What type of attack involves the interception and analysis of network traffic to capture sensitive data or gain unauthorized access to information?
Sniffing
Which type of malware spreads through infected files and relies on user interactions to propagate?
Virus
How can organizations defend against sniffing attacks?
By implementing encryption protocols and intrusion detection systems.
What is session hijacking?
The process of taking over an existing active session.
How does session hijacking typically occur?
By manipulating session cookies or tokens, sniffing the session ID and then launching DoS attacks on the server machine.
What technology is used to establish an encrypted link between a server and a client for secure Internet traffic?
SSL (Secure Sockets Layer) (i.e., TLS (Transport Layer Security))
What is the function of X.509 certificates in SSL?
To identify the server participating in the SSL connection (i.e., binding an identity to a public key using a digital signature).
How does a Smurf attack work?
It sends a flood of ICMP Echo Requests to a target.
Which of the following is a type of Denial of Service (DoS) attack that involves overwhelming a target system with a flood of TCP SYN packets?
Smurf attack
What is the purpose of intrusion detection systems (IDS) in defending against SYN flood attacks?
To monitor the suspicious network activity
What is a rootkit?
A type of malware that modifies the operating system’s kernel to hide its existence and provide unauthorized access