Network Attacks

Question 1

What is a DNS Poisoning attack?

Answer 1

The act of entering false information into a DNS cache, so that DNS queries return an incorrect response and users are directed to the wrong websites. Also known as DNS spoofing.

Question 2

What is a DNS Hijacking attack?

Answer 2

A type of DNS attack in which DNS queries are incorrectly resolved in order to unexpectedly redirect users to malicious sites.

Question 3

What is a Domain Hijacking attack?

Answer 3

A type of attack in which someone takes over a domain, often through social engineering.

Question 4

What does Address Resolution Protocol (ARP) do?

Answer 4

ARP sits between the Network and Data layer, translating between the two of them. It translates from MAC to IP.

Question 5

What is ARP Poisoning?

Answer 5

A type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table.

Question 6

What is MAC Cloning?

Answer 6

When a bad actor spoofs the MAC address of another system to intercept traffic intended for that computer.

Question 7

What is MAC Flooding?

Answer 7

When a bad actor floods a switch with bogus MAC addresses. As a result, the MAC address table begins to fill. The switch then fail-opens, which essentially turns it into a hub. A bad actor can now sniff out any packets they want.

Question 8

What is a Denial of Service (DoS) attack?

Answer 8

An attack that is meant to shut down a machine or network, making it inaccessible to its intended users.

Question 9

What is a Distributed Denial of Service (DDoS) attack?

Answer 9

An attack against a network or website using many pcs. It often includes a botnet.

Question 10

What are the three types of DDoS attacks?

Answer 10

Reflected DDos, Amplified DDoS, and Coordinated DDoS

Question 11

What is a Reflected DDoS?

Answer 11

A DDoS attack in which a service request is created using the spoofed IP address of the target. These requests to something like a time server are routed to the target to overwhelm it.

Question 12

What is an Amplified DDoS?

Answer 12

A DDoS attack in which a service request is created using the spoofed IP address of the target. The service request asks for an increased payload to overwhelm the target.

Question 13

What is a Coordinated DDoS?

Answer 13

A DDoS attack in which multiple attackers are attempting to bring the target offline.

Question 14

What is a Man-in-the-Middle attack?

Answer 14

An attacker captures traffic between an authorized user and a user. They can play that traffic back to the server later to gain access to some kind of resource.

Question 15

What is a Man-in-the-Browser attack?

Answer 15

A form of man-in-the-middle attack where an attacker is able to insert himself into the communications channel between two trusting parties by compromising a Web browser used by one of the parties, for the purpose of eavesdropping, data theft and/or session tampering.

Question 16

What is a Rogue Access Point attack?

Answer 16

A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator, whether added by a well-meaning employee or by a malicious attacker. An illegitimate access point plugged into a network to create a bypass from outside into the legitimate network.

Question 17

What is an Evil Twin?

Answer 17

A fraudulent Wi-Fi access point that appears to be legitimate but is set up to eavesdrop on wireless communications. Copy of a legitimate access point. Can scrape credentials or reroute to malicious websites.

Question 18

What is a Disassociation Attack?

Answer 18

A type of DoS attack in which the attacker breaks the wireless connection between the victim device and the access point.

Question 19

What is an Initialization Vector?

Answer 19

Extra data tied to encryption to make it harder to spot similarities between packets that have been encrypted. It is random.

Question 20

What is an Initialization Vector Attack?

Answer 20

An attack that is focused on the initialization vector.

Question 21

What is a Radio Frequency Identifier (RFID) attack?

Answer 21

An attack that uses middleware to intercept data sent from an RFID device and an RFID reader. It can be used to either clone or spoofing.

Question 22

What is a Near Field Communication (NFC) attack?

Answer 22

A device is placed that pulls data from an NFC device. It can be used to modify data or eavesdrop.

Question 23

What is Jamming?

Answer 23

Interrupting wireless (typically 2.4GHz) signals whether intentionally or unintentionally.

Question 24

What is Bluejacking?

Answer 24

When someone pulls data from an active bluetooth connection.

Question 25

What is Bluesnarfing?

Answer 25

When someone puts data in an active bluetooth connection in an unauthorized manner.