Network Attacks Flashcards

1
Q

§ A logical communication endpoint that exists on a computer or server

A

Port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A logical communication opening on a server that is listening for a
connection from a client

A

Inbound Port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A logical communication opening created on a client in order to call out
to a server that is listening for a connection

A

Outbound Port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Ports 0 to 1023 are considered ______ and are assigned by the
Internet Assigned Numbers Authority (IANA)

A

Well-Known Ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Ports 1024 to 49,151 are considered ______ and are usually assigned
to proprietary protocols

A

Registered Ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Ports 49,152 to 65,535 can be used by any application without being
registered with IANA

A

Dynamic or Private Ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Any port that is associated with a service or function that is non-essential
to the operation of your computer or network

A

Unnecessary Port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A logical communication opening on a server that is listening for a
connection from a client

A

Inbound Port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Term used to describe many different types of attacks which attempt to
make a computer or server’s resources unavailable

A

Denial of Service (DOS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A specialized type of DoS which attempts to send more packets to a
single server or host than they can handle

A

Flood Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

An attacker attempts to flood the server by sending too many ICMP echo
request packets (which are known as pings)

A

Ping Flood

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Attacker sends a ping to subnet broadcast address and devices reply to
spoofed IP (victim server), using up bandwidth and processing

A

Smurf Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Attacker sends a UDP echo packet to port 7 (ECHO) and port 19
(CHARGEN) to flood a server with UDP packets

A

Fraggle Attack

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Variant on a Denial of Service (DOS) attack where attacker initiates
multiple TCP sessions but never completes the 3-way handshake

A

SYN Flood

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A specialized network scan that sets the FIN, PSH, and URG flags set and
can cause a device to crash or reboot

A

XMAS Attacj

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

An attack that sends an oversized and malformed packet to another
computer or server

A

Ping of Death

17
Q

Attack that breaks apart packets into IP fragments, modifies them with
overlapping and oversized payloads, and sends them to a victim machine

A

Teardrop Attack

18
Q

Attack which exploits a security flaw to permanently break a networking
device by reflashing its firmware

A

Permanent Denial of Service

19
Q

Attack that creates a large number of processes to use up the available
processing power of a computer

A

Fork Bomb

20
Q

A group of compromised systems attack simultaneously a single target to
create a Denial of Service (DOS)

A

Distributed Denial of Service (DDoS)

21
Q

Attack which relies on the large amount of DNS information that is sent in
response to a spoofed query on behalf of the victimized server

A

DNS Amplification

22
Q

Identifies any attacking IP addresses and routes all their traffic to a nonexistent server through the null interface

A

Blackholing or Sinkholing

23
Q

Occurs when an attacker masquerades as another person by falsifying
their identity

A

Spoofing

24
Q

What can prevent small scale DDoS?

A

IPS

25
Q

Exploitation of a computer session in an attempt to gain unauthorized
access to data, services, or other resources on a computer or server

A

Hijacking

26
Q

Attacker guesses the session ID for a web session, enabling them to take
over the already authorized session of the client

A

Session Theft

27
Q

Occurs when an attacker takes over a TCP session between two
computers without the need of a cookie or other host access

A

TCP/IP Hijacking

28
Q

Occurs when an attacker blindly injects data into the communication
stream without being able to see if it is successful or not

A

BLind Hijacking

29
Q

Attack that uses multiple transparent layers to trick a user into clicking on
a button or link on a page when they were intending to click on the
actual page

A

CLickjacking

30
Q

Attack that causes data to flow through the attacker’s computer where
they can intercept or manipulate the data

A

Man in the Middle (MITM)

31
Q

Occurs when a Trojan infects a vulnerable web browser and modifies the
web pages or transactions being done within the browser

A

Man in the Browser(MITB)

32
Q

Occurs when malware is placed on a website that the attacker knows his
potential victims will access

A

Watering Hole

33
Q

Network-based attack where a valid data transmission is fraudulently or
malicious rebroadcast, repeated, or delayed

A

Replay Attack

34
Q

Occurs when the name resolution information is modified in the DNS
server’s cache

A

DNS poisoning

35
Q

Occurs when an attacker requests replication of the DNS information to
their systems for use in planning future attacks

A

Unauthorized Zone Transfer

36
Q

Occurs when an attacker modifies the host file to have the client bypass
the DNS server and redirects them to an incorrect or malicious website

A

Altered Host File

37
Q

Occurs when an attacker redirects one website’s traffic to another
website that is bogus or malicious

A

Pharming

38
Q

Attack that exploits a process in the registration process for a domain
name that keeps the domain name in limbo and cannot be registered by
an authenticated buyer

A

Domain Name Kiting

39
Q

Attack that exploits the IP address to MAC resolution in a network to
steal, modify, or redirect frames within the local area network

A

ARP Poisoning