Network Attacks

Question 1

Denial of Service (DoS) Attack

Answer 1

Occurs when one machine continually floods a victim with requests for services

Question 2

Distributed Denial of Service (DDoS) Attack

Answer 2

Occurs when an attacker uses multiple computers to ask for access to the
same server at the same time

Question 3

Botnet

Answer 3

A collection of compromised computers (zombies) under the control of a master node

Question 4

On-Path/ Man-in-the-Middle (MITM) Attack

Answer 4

Occurs when an attacker puts themselves between the victim and the
intended destination

Question 5

DNS Poisoning

Answer 5

Occurs when an attacker manipulates known vulnerabilities within the
DNS to reroute traffic from one site to a fake version of that site

Question 6

Rogue DHCP Server

Answer 6

A DHCP server on a network which is not under the administrative
control of the network administrators

Question 7

IP Spoofing

Answer 7

Modifying the source address of an IP packet to hide the identity of the
sender or impersonate another client
IP spoofing is focused at Layer 3 of the OSI model

Question 8

MAC Spoofing

Answer 8

Changing the MAC address to pretend the use of a different network
interface card or device

Question 9

MAC Filtering

Answer 9

Relies on a list of all known and authorized MAC addresses

Question 10

ARP Spoofing and prevention

Answer 10

Sending falsified ARP messages
that can be used as a precursor to other attacks
set up good VLAN segmentation within your network

Question 11

VLAN Hopping

Answer 11

Ability to send traffic from one VLAN into another, bypassing the VLAN
segmentation you have configured within your Layer 2 networks

Question 12

Malware

Answer 12

Designed to infiltrate a computer system and possibly damage it without
the user’s knowledge or consent

Question 13

Ransomware

Answer 13

Restricts access to a victim’s computer system or files until a ransom or
payment is received

Question 14

Rogue Access Point

Answer 14

A wireless access point that has been installed on a secure network
without authorization from a local network administrator

Question 15

Evil Twin

Answer 15

Wireless access point that uses the same name as your own network

Question 16

Deauthentication

Answer 16

Attempts to interrupt communication between an end user and the
wireless access point

Question 17

Social Engineering

Answer 17

Any attempt to manipulate users to reveal confidential information or
perform actions detrimental to a system’s security
The weakest link is our end users and employees

Question 18

Phishing

Answer 18

Sending an email in an attempt to get a user to click a link
Sending out emails to capture the most people and doesn’t really target
any particular person or group

Question 19

Spearphishing

Answer 19

More targeted form of phishing

Question 20

Whaling

Answer 20

Focused on key executives within an organization or other key leaders,
executives, and managers in the company

Question 21

Tailgating

Answer 21

Entering a secure portion of the organization’s building by following an
authorized person into the area without their knowledge or consent

Question 22

Piggybacking

Answer 22

Similar to tailgating, but occurs with the employee’s knowledge or
consent

Question 23

Shoulder Surfing

Answer 23

Coming up behind an employee and trying to use direct observation
to obtain information

Question 24

Insider Threat

Answer 24

An employee or other trusted insider who uses their authorized network access
in unauthorized ways to harm the company