Network Attacks

Question 1

§ A logical communication endpoint that exists on a computer or server

Answer 1

Port

Question 2

A logical communication opening on a server that is listening for a
connection from a client

Answer 2

Inbound Port

Question 3

A logical communication opening created on a client in order to call out
to a server that is listening for a connection

Answer 3

Outbound Port

Question 4

Ports 0 to 1023 are considered ______ and are assigned by the
Internet Assigned Numbers Authority (IANA)

Answer 4

Well-Known Ports

Question 5

Ports 1024 to 49,151 are considered ______ and are usually assigned
to proprietary protocols

Answer 5

Registered Ports

Question 6

Ports 49,152 to 65,535 can be used by any application without being
registered with IANA

Answer 6

Dynamic or Private Ports

Question 7

Any port that is associated with a service or function that is non-essential
to the operation of your computer or network

Answer 7

Unnecessary Port

Question 8

A logical communication opening on a server that is listening for a
connection from a client

Answer 8

Inbound Port

Question 9

Term used to describe many different types of attacks which attempt to
make a computer or server’s resources unavailable

Answer 9

Denial of Service (DOS)

Question 10

A specialized type of DoS which attempts to send more packets to a
single server or host than they can handle

Answer 10

Flood Attack

Question 11

An attacker attempts to flood the server by sending too many ICMP echo
request packets (which are known as pings)

Answer 11

Ping Flood

Question 12

Attacker sends a ping to subnet broadcast address and devices reply to
spoofed IP (victim server), using up bandwidth and processing

Answer 12

Smurf Attack

Question 13

Attacker sends a UDP echo packet to port 7 (ECHO) and port 19
(CHARGEN) to flood a server with UDP packets

Answer 13

Fraggle Attack

Question 14

Variant on a Denial of Service (DOS) attack where attacker initiates
multiple TCP sessions but never completes the 3-way handshake

Answer 14

SYN Flood

Question 15

A specialized network scan that sets the FIN, PSH, and URG flags set and
can cause a device to crash or reboot

Answer 15

XMAS Attacj

Question 16

An attack that sends an oversized and malformed packet to another
computer or server

Answer 16

Ping of Death

Question 17

Attack that breaks apart packets into IP fragments, modifies them with
overlapping and oversized payloads, and sends them to a victim machine

Answer 17

Teardrop Attack

Question 18

Attack which exploits a security flaw to permanently break a networking
device by reflashing its firmware

Answer 18

Permanent Denial of Service

Question 19

Attack that creates a large number of processes to use up the available
processing power of a computer

Answer 19

Fork Bomb

Question 20

A group of compromised systems attack simultaneously a single target to
create a Denial of Service (DOS)

Answer 20

Distributed Denial of Service (DDoS)

Question 21

Attack which relies on the large amount of DNS information that is sent in
response to a spoofed query on behalf of the victimized server

Answer 21

DNS Amplification

Question 22

Identifies any attacking IP addresses and routes all their traffic to a nonexistent server through the null interface

Answer 22

Blackholing or Sinkholing

Question 23

Occurs when an attacker masquerades as another person by falsifying
their identity

Answer 23

Spoofing

Question 24

What can prevent small scale DDoS?

Answer 24

IPS

Question 25

Exploitation of a computer session in an attempt to gain unauthorized
access to data, services, or other resources on a computer or server

Answer 25

Hijacking

Question 26

Attacker guesses the session ID for a web session, enabling them to take
over the already authorized session of the client

Answer 26

Session Theft

Question 27

Occurs when an attacker takes over a TCP session between two
computers without the need of a cookie or other host access

Answer 27

TCP/IP Hijacking

Question 28

Occurs when an attacker blindly injects data into the communication
stream without being able to see if it is successful or not

Answer 28

BLind Hijacking

Question 29

Attack that uses multiple transparent layers to trick a user into clicking on
a button or link on a page when they were intending to click on the
actual page

Answer 29

CLickjacking

Question 30

Attack that causes data to flow through the attacker’s computer where
they can intercept or manipulate the data

Answer 30

Man in the Middle (MITM)

Question 31

Occurs when a Trojan infects a vulnerable web browser and modifies the
web pages or transactions being done within the browser

Answer 31

Man in the Browser(MITB)

Question 32

Occurs when malware is placed on a website that the attacker knows his
potential victims will access

Answer 32

Watering Hole

Question 33

Network-based attack where a valid data transmission is fraudulently or
malicious rebroadcast, repeated, or delayed

Answer 33

Replay Attack

Question 34

Occurs when the name resolution information is modified in the DNS
server’s cache

Answer 34

DNS poisoning

Question 35

Occurs when an attacker requests replication of the DNS information to
their systems for use in planning future attacks

Answer 35

Unauthorized Zone Transfer

Question 36

Occurs when an attacker modifies the host file to have the client bypass
the DNS server and redirects them to an incorrect or malicious website

Answer 36

Altered Host File

Question 37

Occurs when an attacker redirects one website’s traffic to another
website that is bogus or malicious

Answer 37

Pharming

Question 38

Attack that exploits a process in the registration process for a domain
name that keeps the domain name in limbo and cannot be registered by
an authenticated buyer

Answer 38

Domain Name Kiting

Question 39

Attack that exploits the IP address to MAC resolution in a network to
steal, modify, or redirect frames within the local area network

Answer 39

ARP Poisoning