Module 3: Network Security Concepts Flashcards

1
Q

Describe the Attack Type

Eavesdropping Attack

Also called sniffing or snooping

A

This is when a threat actor captures and “listens” to network traffic.

2
Q

Describe the Attack Type

Data Modification Attack

A

If threat actors have captured enterprise traffic, they can alter the data in the packet without the knowledge of the sender or receiver.

3
Q

Describe the Attack Type

IP Address Spoofing Attack

A

A threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet.

4
Q

Describe the Attack Type

Password-based Attacks

Specifically what can be done with a valid user account password

A

Uses the password of a valid user account to obtain lists of other users and network information, change server and network configurations, and modify, reroute, or delete data.

5
Q

Describe the Attack Type

Denial of Service Attack

(DoS)

A

Prevents normal use of a computer or network by flooding traffic to either slow down or shut down systems and networks.

6
Q

Describe the Attack Type

Man-in-the-Middle Attack

(MitM)

A

When a threat actor positions themselves between a source and destination. They can now actively monitor, capture, and control the communication transparently.

7
Q

Describe the Attack Type

Compromised-key Attack

A

If a threat actor obtains a secret key, it becomes compromised. It can be used to gain access to secure communications without the sender or receiver being aware of the attack.

8
Q

Describe the Penetration Testing Tool

Password Crackers

List some tools

A

Used to find or ‘recover’ a password, either by removing the original password or by discovering it through repeated guesses (Brute Force Attack) or lists of commonly used passwords (Dictionary Attacks).

e.g. John the Ripper, Ophcrack, L0phtCrack, THC Hydra, RainbowCrack, Medusa

9
Q

Describe the Penetration Testing Tool

Wireless Hacking Tools

List some tools

A

Used to discover and hack wireless networks.

Aircrack-ng, Kismet, InSSIDer, KisMAC, Firesheep, NetStumbler

10
Q

Describe the Penetration Testing Tool

Network Scanning and Hacking Tools

List some tools

A

Used to probe network devices, servers, and hosts for open TCP or UDP ports.

Nmap, SuperScan, Angry IP Scanner, NetScan Tools

11
Q

Describe the Penetration Testing Tool

Packet Crafting Tools

List some tools

A

Used to probe and test a firewall’s robustness using specifically crafted forged packets.

Hping, Scapy, Socat, Yersinia, Netcat, Nping, Nemesis

12
Q

Describe the Penetration Testing Tool

Packet Sniffers

List some tools

A

Used to capture and analyse packets within traditional Ethernet LANs or WLANs.

Wireshark, Tcpdump, Ettercap, Dsniff, EtherApe, Paros, Fiddler, Ratproxy, SSLstrip

13
Q

Describe the Penetration Testing Tool

Rootkit Detectors

List some tools

A

Directory and file integrity checkers used to detect rootkits.

AIDE, Netfilter, PF: OpenBSD Packet Filter

14
Q

Describe the Penetration Testing Tool

Fuzzers

List some tools

A

Used by threat actors to discover a computer’s security vulnerabilities.

Skipfish, Wapiti, W3af

15
Q

Describe the Penetration Testing Tool

Forensic Tools

List some tools

A

Used to discover evidence existing on a computer.

Sleuth Kit, Helix, Maltego, Encase

16
Q

Describe the Penetration Testing Tool

Debuggers

List some tools

A

Used to reverse engineer binary files when writing exploits.

GDB, WinDbg, IDA Pro, Immunity Debugger

17
Q

Describe the Penetration Testing Tool

Hacking Operating Systems

List some tools

A

Specially designed operating systems preloaded with tools optimised for hacking.

Kali Linux, Knoppix, BackBox Linux

18
Q

Describe the Penetration Testing Tool

Encryption Tools

List some tools

A

Used to encode data to prevent unauthorised access, whether for legitimate or malicious means.

VeraCrypt, CipherShed, OpenSSH, OpenSSL, Tor, OpenVPN, Stunnel

19
Q

Describe the Penetration Testing Tool

Vulnerability Exploitation Tools

List some tools

A

Used to identify whether a remote host is vulnerable to a security attack.

Metasploit, Core Impact, Sqlmap, Social Engineer Toolkit, Netsparker

20
Q

Describe the Penetration Testing Tool

Vulnerability Scanners

List some tools

A

Used to scan a network or system to identify open ports or other weaknesses.

Nipper, Secunia PSI, Core Impact, Nessus, SAINT, OpenVAS

21
Q

Question

Which penetration testing tool uses algorithm schemes to encode the data, which then prevents access to the data?

List some tools

A

Encryption Tools

VeraCrypt, CipherShed, OpenSSH, OpenSSL, Tor, OpenVPN, Stunnel

22
Q

Question

Which penetration testing tool is used by black hats to reverse engineer binary files when writing exploits? They are also used by white hats when analysing malware.

List some tools

A

Debuggers

GDB, WinDbg, IDA Pro, Immunity Debugger

23
Q

Question

Which penetration testing tool is used to probe and test a firewall’s robustness?

List some tools

A

Packet Crafting Tools

Hping, Scapy, Socat, Yersinia, Netcat, Nping, Nemesis

24
Q

Question

Which penetration testing tool is used by white hats to sniff out any trace of evidence existing on a computer?

List some tools

A

Forensic Tools

Sleuth Kit, Helix, Maltego, Encase

25
Q

Question

Which penetration testing tool identifies whether a remote host is susceptible to a security attack?

List some tools

A

Vulnerability Exploitation Tools

Metasploit, Core Impact, Sqlmap, Social Engineer Toolkit, Netsparker

26
Q

Question

What are the three most common types of malware?

A
  • Virus
  • Worm
  • Trojan Horse
27
Q

Question

Describe a virus:
How does it infect a device?
What does it do?

A

A virus is a type of malware attached to a file, such as a piece of software. When opened it executes and infects the device.

A virus can:
* Alter, corrupt, or delete files, applications or drives.
* Cause boot issues.
* Capture and send sensitive information to threat actors.
* Access and use email or communication accounts to spread.
* Lay dormant until summoned by the threat actor.

28
Q

Question

Describe a Trojan horse:
How does it infect a device?
What does it do?

A

A Trojan is a program that appears useful, such as free software or a game, but carries malicious code. Unsuspecting users download and install the program and are infected by the Trojan horse.

A Trojan can:
* Provide remote access to threat actors.
* Send sensitive data to threat actors, such as passwords or credit card information.
* Destroy files or drives.
* Act as a proxy to launch attacks or illegal activities.
* Enable unauthorised file transfers via FTP.
* Disable security software or firewalls.
* Launch Denial of Service attacks against the device, the network or a remote network.
* Keylog to steal confidential information.

Remote-access, Data-sending, Destructive, Proxy, FTP, Security Disabler, DoS, Key Logger

29
Q

Question

Describe a worm:
How does it infect a device?
What does it do?

A

A worm is a self-replicating program that propagates automatically. It does so without user action, typically by exploiting vulnerabilities in legitimate software.

A worm can:
* Use networks to find other victims and propagate.
* Slow or disrupt networks.

30
Q

Question

Which malware executes arbitrary code and installs copies of itself in the memory of the infected computer? The main purpose of this malware is to automatically replicate from system to system across the network.

A

Worm

31
Q

Question

Which malware is a non-self-replicating type of malware? It often contains malicious code that is designed to look like something else, such as a legitimate application or file. It attacks the device from within.

A

Trojan Horse

32
Q

Question

Which malware is used to gather information about a user and then, without the user’s consent, sends the information to another entity?

A

Spyware

33
Q

Question

Which malware typically displays annoying pop-ups to generate revenue for its author?

A

Adware

34
Q

Question

Which malware is installed on a compromised system and provides privileged access to the threat actor?

A

Rootkit

35
Q

Question

Which malware denies access to the infected computer system and demands payment before the restriction is removed?

A

Ransomware

36
Q

Question

What three types of attacks are networks susceptible to?

A
  • Reconnaissance Attacks
  • Access Attacks
  • Denial of Service (DoS) Attacks
37
Q

Question

What is a Reconnaissance Attack?
What may be gained by carrying it out?

A

An attack designed to gather information.

Carried out to:
* Gather details on an organisation and its employees.
* Discover active IP addresses.
* Discover available ports.
* Discover vulnerable services.
* Discover vulnerabilities in the applications and operating systems in use.

38
Q

Question

What is an Access Attack?
What may be gained by carrying it out?

A

An attack designed to gain entry to accounts, databases and sensitive information.

Carried out to:
* Obtain data that can be exfiltrated.
* Gain further access to establish a foothold.
* Escalate access privileges to administrator accounts.

39
Q

Describe the Access Attack

Password Attack

A

Attempting to discover passwords using methods like Brute Force Attack (BFA) or Dictionary Attack.

40
Q

Describe the Access Attack

Spoofing Attack

A

Attempting to pose as another device by falsifying data, such as MAC spoofing or DHCP spoofing.

41
Q

Describe the Access Attack

Trust Exploitation

A

Using unauthorised privileges on one system to gain access to a different system:
* System A trusts System B.
* Attack System B to gain access to it.
* Use System B to gain access to System A.

Exploits permissions, rather than bypassing firewalls as Port Redirection does.

42
Q

Describe the Access Attack

Port Redirection

A

Using a compromised system’s ports to redirect data, often to bypass firewall restrictions.
* The attacker sets up SSH (port 22) to Server A, which redirects traffic arriving on an external web traffic port (port 8080) to a sensitive port (port 80) on internal Server B.
* Normally any traffic sent from an external source to Server B on port 80 would be blocked by the firewall, but because it arrives on port 8080 of a trusted server, it is permitted.

Bypasses the firewall, rather than exploiting permissions as Trust Exploitation does.

43
Q

Describe the Access Attack

Man-in-the-Middle Attack

(MitM)

A

Positioning yourself between two legitimate entities to read or modify data that passes between them.

44
Q

Describe the Access Attack

Buffer Overflow Attack

A

Exploiting buffer memory by overwhelming it with unexpected values or quantities of data. This usually renders the target inoperable (DoS).

45
Q

Question

What is a Social Engineering Attack?
What may be gained by carrying it out?

A

A type of access attack, designed to manipulate individuals into performing actions or divulging confidential information.
May gain:
* Personal data on an individual
* Account information
* Security system information
* A foothold for further attacks

46
Q

Describe the Social Engineering Attack

Pretexting

A

Pretending to need personal or financial information to confirm the identity of a target.

47
Q

Describe the Social Engineering Attack

Phishing

A

Sending fraudulent emails designed to appear legitimate from a trusted source. Designed to trick recipients into clicking links, opening attachments, or replying with confidential information.

48
Q

Describe the Social Engineering Attack

Spear Phishing

A

Phishing that targets specific individuals or organisations.

49
Q

Describe the Social Engineering Attack

Spam

A

Unsolicited junk mail, sent either to advertise or to carry harmful links or malware.

50
Q

Describe the Social Engineering Attack

Something for Something

“Quid pro quo”

A

Requesting confidential information in exchange for a gift.

51
Q

Describe the Social Engineering Attack

Baiting

A

Leaving a malware-infected device, such as a USB drive, in a public location. Victims who find the drive may then insert it into their device and infect their computer.

52
Q

Describe the Social Engineering Attack

Impersonation

A

Pretending to be someone you are not, to gain the trust of a victim.

53
Q

Describe the Social Engineering Attack

Tailgating

A

Following an authorised person into a secure location, to avoid authorisation checks.

54
Q

Describe the Social Engineering Attack

Shoulder surfing

A

Looking over someone’s shoulder to steal their password or confidential information as it is entered or displayed.

55
Q

Describe the Social Engineering Attack

Dumpster diving

A

Rummaging through bins or waste to discover confidential information, often to carry out identity theft or to steal financial information.

56
Q

Question

Name some Social Engineering Protection Practices

8 listed

A
  1. Never give your login details to anyone.
  2. Never leave your login details where they can easily be found.
  3. Never open email links or attachments from untrusted sources.
  4. Never release confidential work-related information on social media sites.
  5. Never re-use work-related passwords.
  6. Always lock or sign out of your unattended computer.
  7. Always report suspicious individuals and activity.
  8. Always destroy confidential information according to your organisation’s policies.
57
Q

Question

What is a Denial of Service Attack?
What is different about a Distributed Denial of Service attack?
What may be gained by carrying it out?

DoS and DDoS

A

An attack that interrupts network services. Typically achieved by sending an overwhelming quantity of traffic, but it can also be achieved by using maliciously formatted packets.

DDoS attacks are similar, but are carried out from multiple, coordinated sources.

May gain:
* Interruption of services to users, devices or applications.
* Social prestige / fame.
* Attention for political issues (hacktivism).

58
Q

Describe the DDoS term

Zombie

A

An infected host that is part of a network controlled by a threat actor. Zombies are often self-propagating and are used to coordinate a Distributed Denial of Service (DDoS) attack.

59
Q

Describe the DDoS term

Command and Control System

CnC

A

A system that sends control messages to zombies.

60
Q

Describe the DDoS term

Botnet

A

A collection of zombies.

61
Q

Question

What type of attack is tailgating?

A

Social Engineering Attack

62
Q

Question

What type of attack is a password attack?

A

Access Attack

63
Q

Question

What type of attack is port scanning?

A

Reconnaissance Attack

64
Q

Question

What type of attack is man-in-the-middle?

A

Access Attack

65
Q

Question

What type of attack is address spoofing?

A

Access Attack

66
Q

Describe the IP Attack

ICMP Attack

A

Threat actors use Internet Control Message Protocol (ICMP) echo packets (pings) to discover subnets and hosts on a network, generate a DoS flood attack, or alter host routing tables.

67
Q

Describe the IP Attack

Amplification and Reflection Attacks

A

Threat actors attempt to prevent legitimate users from accessing information or services using DoS and DDoS attacks.

68
Q

Describe the IP Attack

Address Spoofing Attacks

A

Threat actors spoof the source IP address in an IP packet to perform blind or non-blind spoofing.

69
Q

Describe the IP Attack

Man-in-the-Middle Attack

(MitM)

A

Threat actors position themselves between a source and a destination to transparently monitor, capture, and control the communication. They could eavesdrop by inspecting captured packets, or alter packets and forward them on to their original destination.

70
Q

Describe the IP Attack

Session hijacking

A

Threat actors gain access to the physical network, and then use a MITM attack to hijack a session.

71
Q

Question

What do IPv4 and IPv6 not do that can be exploited by threat actors?

A

Validate that the source address of the sender is legitimate.

72
Q

Question

What should be put in place to reduce the effectiveness of ICMP attacks?
What can be put in place to detect them?

A

Strict ICMP ACLs should filter traffic at the network edge to avoid ICMP probing from the internet or untrusted devices.

Security logging can be used to identify ICMP attacks, and security devices like firewalls and Intrusion Detection Systems (IDS) can detect them and generate alerts.

73
Q

Describe the ICMP Message type

ICMP Echo Request / Echo Reply

A

Used to perform host verification and DoS attacks.

74
Q

Describe the ICMP Message type

ICMP Unreachable

A

Used to perform network reconnaissance and scanning attacks.

75
Q

Describe the ICMP Message type

ICMP Mask Reply

A

Used to map an internal IP network.

76
Q

Describe the ICMP Message type

ICMP Redirects

A

Used to lure a target host into sending all traffic through a compromised device, creating a MITM attack.

77
Q

Describe the ICMP Message type

ICMP Router Discovery

A

Used to inject bogus route entries into the routing table of a target host.

78
Q

Question

What is an Amplification and Reflection Attack?
What may be gained by carrying it out?

A

The threat actor forwards ICMP echo request messages to many hosts. The source IP address of these messages is modified to match the victim’s address.
May gain:
* All the hosts reply to the victim, unwittingly carrying out a DDoS attack.

Newer amplification attacks may use DNS or Network Time Protocol (NTP) based attacks.

79
Q

Question

What is a Non-Blind Address Spoofing Attack?
What may be gained by carrying it out?

A

Changing the Source IP Address of packets, when the threat actor CAN see the traffic sent between the host and the target.
May gain:
* Authorisation to a session
* Firewall state
* Sequence-number prediction

80
Q

Question

What is a Blind Address Spoofing Attack?
What may be gained by carrying it out?

A

Changing the Source IP Address of packets, when the threat actor CAN NOT see the traffic sent between the host and the target.
May gain:
* Denial of Service attack (DoS)

81
Q

Question

What is MAC Address Spoofing?
What may be gained by carrying it out?

A

Changing your device MAC address to match a target’s.
May gain:
* Updating the CAM table entry on a switch, so that the switch believes the threat actor’s port is the new port for the target.

82
Q

Question

Which attack is being used when threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication?

A

Man-in-the-Middle Attack

MITM

83
Q

Question

Which attack is being used when threat actors gain access to the physical network, and then use a MitM attack to capture and manipulate a legitimate user’s traffic?

A

Session Hijacking

84
Q

Question

Which attack is being used when threat actors initiate a simultaneous, coordinated attack from multiple source machines?

A

Amplification and Reflection Attack

85
Q

Question

Which attack is being used when threat actors use pings to discover subnets and hosts on a protected network, to generate flood attacks, and to alter host routing tables?

A

ICMP Attack

86
Q

Question

Which attack is being used when a threat actor creates packets with false source IP address information to either hide the identity of the sender, or to pose as another legitimate user?

A

Address Spoofing Attack

87
Q

Question

What are the six control bits of the TCP segment?

URG, ACK, PSH, RST, SYN and FIN

A
  1. URG - Urgent pointer field significant
  2. ACK - Acknowledgement field significant
  3. PSH - Push function
  4. RST - Reset the connection
  5. SYN - Synchronise sequence numbers
  6. FIN - No more data from sender
88
Q

What is a UDP Flood Attack?

Name some tools that can cause UDP Flood Attacks

A

A threat actor uses a tool that sweeps through a network trying to find closed ports. It sends UDP packets to them, which makes the host reply with an “ICMP Port Unreachable” message, creating a lot of traffic on the segment and a DoS attack.

UDP Unicorn, Low Orbit Ion Cannon (LOIC)

89
Q

Question

Which attack exploits the three-way handshake?

A

TCP SYN Flood Attack

90
Q

Question

Two hosts have established a TCP connection and are exchanging data. A threat actor sends a TCP segment with the RST bit set to both hosts informing them to immediately stop using the TCP connection. Which attack is this?

A

TCP Reset Attack

91
Q

Question

Which attack is being used when the threat actor spoofs the IP address of one host, predicts the next sequence number, and sends an ACK to the other host?

A

TCP Session Hijacking

92
Q

Question

A program sends a flood of UDP packets from a spoofed host to a server on the subnet sweeping through all the known UDP ports looking for closed ports. This will cause the server to reply with an ICMP port unreachable message. Which attack is this?

A

UDP Flood Attack

93
Q

Describe the IP Service attack

What is ARP Cache Poisoning?
What may be gained by carrying it out?

A

ARP is used to identify devices on the subnet and associate them with an IP address. By sending ‘spoofed gratuitous ARP replies’ a threat actor can pretend to be the default gateway.
This allows the threat actor to:
* Implement a Man-in-the-Middle attack.
* Steal confidential information.
* Modify data in transit.
* Inject malicious data.

94
Q

Question

Name 4 different types of DNS Attacks

A
  1. DNS Open Resolver Attacks
  2. DNS Stealth Attacks
  3. DNS Domain Shadowing Attacks
  4. DNS Tunneling Attacks
95
Q

Describe the DNS Attack type

DNS Open Resolver Attack

Name some techniques

A

Public DNS servers like GoogleDNS 8.8.8.8 respond to any queries.
This can be manipulated via the following techniques:
* DNS Cache Poisoning - Spoofing Resource Record (RR) information to redirect users from legitimate sites to malicious ones.
* DNS Amplification and Redirection Attacks - Threat actors send messages to an open resolver using the IP address of a target host, flooding it with responses.
* DNS Resource Utilisation Attacks - DoS attacking the open resolver to consume its resources and impact any device that relies upon it.

96
Q

Describe the DNS Attack type

DNS Stealth Attacks

Name some techniques

A

Changing your DNS information or rapidly generating domains to hide a threat actor’s identity for malicious use.
This is achieved via the following techniques:
* Fast Flux - Hide malware or phishing sites behind a quickly changing network of compromised DNS hosts. Botnets often use Fast Flux to hide their malicious servers.
* Double IP Flux - Rapidly change host name to IP address mappings and authoritative name servers.
* Domain Generation Algorithms - Randomly generate domain names that can be used for phishing or as rendezvous points for Command and Control (CnC) servers.

97
Q

Describe the DNS Attack type

DNS Domain Shadowing Attacks

A

Gathering domain account credentials to silently create multiple sub-domains to be used during attacks, without alerting the domain owner.

For example, if access is gained to cisco.com and the threat actor creates subdomains such as emails.microsoft.com and recovery.cisco.com, malicious uses of those subdomains appear legitimate.