Network Attacks

Question 1

Denial of Service

Answer 1

Occurs when one machine continually floods a victim with requests for services

Question 2

TCP SYN Flood

Answer 2

Occurs when an attacker initiates multiple TCP sessions, but never completes them

Question 3

Smurf Attack (ICMP Flood)

Answer 3

Occurs when an attacker sends a ping to a subnet broadcast address with the source IP spoofed to be that of the victim server

Question 4

Distributed Denial of Service (DDOS)

Answer 4

Occurs when an attacker uses multiple computers to ask for access to the same server at the same time

Question 5

Botnet

Answer 5

A collection of compromised computers under the control of a master node

Question 6

On-Path/Man-in-the-Middle (MITM) Attack

Answer 6

Occurs when an attacker puts themselves between the victim and the intended destination

Question 7

Session Hijacking

Answer 7

Occurs when an attacker guesses the session ID that is in use between a client and a server and takes over the authenticated session

Question 8

DNS Poisoning

Answer 8

Occurs when an attacker manipulates known vulnerabilities within the NDS to reroute traffic from one site to a fake version of that site

Question 9

DNSSEC

Answer 9

Uses encrypted digital signatures when passing DNS information between servers to help protect it from poisoning

Question 10

Rogue DHCP Server

Answer 10

A DHCP server on a network which is not under the administrative control of the network administrators

Question 11

Spoofing

Answer 11

Occurs when an attacker masquerades as another person by falsifying their identity

Question 12

IP Spoofing

Answer 12

Modifying the source address of an IP packet to hide the identity of the send or impersonate another client

Question 13

MAC Spoofing

Answer 13

Changing the MAC address to pretend the use of a different network interface card or device

Question 14

MAC Filtering

Answer 14

Relies on a list of all known and authorized MAC addresses

Question 15

ARP Spoofing

Answer 15

Sending falsified ARP messages over a local area network

Question 16

VLAN Hopping

Answer 16

• Ability to send traffic from on VLAN into another, bypassing the VLAN segmentation you have configured within your Layer 2 networks

Question 17

Double Tagging

Answer 17

Connecting to an interface on the switch using access mode with the same VLAN as the native untagged VLAN on the trunk

Question 18

Switch Spoofing

Answer 18

Attempting to conduct a Dynamic Trunking Protocol (DTP) negotiation

Question 19

Malware

Answer 19

Designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent

Question 20

Virus

Answer 20

Made up of malicious code that is run on a machine without the user’s knowledge and infects it whenever that code is run

Question 21

Worm

Answer 21

A piece of malicious software that can replicate itself without user interaction

Question 22

Trojan Horse

Answer 22

A piece of malicious software disguised as a piece of harmless or desirable software

Question 23

Remote Access Trojan (RAT)

Answer 23

Provides the attacker with remote control of a victim machine

Question 24

Ransomware

Answer 24

Restricts access to a victim’s computer system or files until a ransom or payment is received

Question 25

Spyware

Answer 25

Gathers information about you without your consent

Question 26

Key Logger

Answer 26

Captures any key stroke made on the victim machine

Question 27

Rootkit

Answer 27

Designed to gain administrative control over a computer system or network device without being detected

Question 28

Rogue Access Point

Answer 28

A wireless access point that has been installed on a secure network without authorization from a local network administrator

Question 29

Shadow IT

Answer 29

Use of IT systems, devices, software, applications, or services without the explicit approval of the IT department

Question 30

Evil Twin

Answer 30

Wireless access point that uses the same name as your own network

Question 31

Deauthentication

Answer 31

Attempts to interrupt communication between an end user and the wireless access point

Question 32

Dictionary Attack

Answer 32

Guesses the password by attempting to check every single word or phrase contained within a word list, called a dictionary

Question 33

Brute Force Attack

Answer 33

Tries every possible combination until they figure out the password

Question 34

Hybrid Attack

Answer 34

Combination of dictionary and brute force attacks

Question 35

Wireless Interception

Answer 35

• Captures wireless data packets as they go across the airwaves

Question 36

Social Engineering

Answer 36

Any attempt to manipulate users to reveal confidential information or perform action detrimental to a system’s security

Question 37

Phishing

Answer 37

Sending an email in an attempt to get a user to click a link

Question 38

Whaling

Answer 38

Focused on key executives with an organization or other key leaders, executives, and managers in the company

Question 39

Tailgating

Answer 39

Entering a secure portion of the organization’s building by following an authorized person into the area without their knowledge or consent

Question 40

Piggybacking

Answer 40

Similar to tailgating, but occurs with the employee’s knowledge or consent

Question 41

Shoulder Surfing

Answer 41

Coming up behind an employee and trying to use direct observation to obtain information

Question 42

Dumpster Diving

Answer 42

Scavenging for personal or confidential information in garbage or recycling containers

Question 43

Insider Threat

Answer 43

An employee or other trusted insider who uses their authorized network access in unauthorized ways to harm the company

Question 44

Logic Bomb

Answer 44

A specific type of malware that is tied to either a logical event or a specific time