Network threats

Question 1

What are the common Network Attacks?

Answer 1

DOS
Spoofing
Session Hijacking
Replay Attacks
Transitive Attacks
DNS Attacks
ARP Poisoning

Question 2

What is a port?

Answer 2

Logical communication endpoint that exists on a computer or server

Question 3

What is an inbound port

Answer 3

A logical communication opening on a serve that is listening for a connection from a client

Question 4

What is an outbound port

Answer 4

Logical communication opening on a client that is used to send requests and data to another devices listening inbound port

Question 5

What are the well known ports

Answer 5

0-1023 They are designated by IANA

Question 6

What are the registered ports

Answer 6

1024-49,151 | Considered registered and assigned to proprietary protocols

Question 7

What are the Dynamic\private ports

Answer 7

49,152 to 65,535 These can be used by any application without being registered by IANA

Question 8

What is a DOS attack and the 5 main methods?

Answer 8

An attack with the intention of rendering a server or computer un-usable |
Common Methods:
Flood Attack
Fork Bomb
Ping of death
TearDrop
Permanent DOS

Question 9

What are the different methods of flood attacks

Answer 9

Pingflood
Smurf Attachk
Fraggle Attack
SYN Attack
XMAS Attack

Question 10

Describe a Smurf Attack

Answer 10

Attacker sends a ping to the subnet broadcast address, and devices reply with their IP, causing increase in bandwidth usage

Question 11

Describe a Fraggle Attack

Answer 11

Attacker sends a UDP echo packet to port 7 and 19 to flood a server with UDP packets

Question 12

SYN Attackes

Answer 12

Attacker iniciates multiple TCP session, but never completes the 3 way handshake

Question 13

What is a Ping of death

Answer 13

Attack that sends an oversized and malformed packet to another computer or server

Question 14

What is a Tear Drop Attack

Answer 14

Packets are broken into IP fragments, modified with overlapping and oversized payloads, and then sent to a vitcim

Question 15

PDOS - what is it?

Answer 15

An attack which exploits a security flaw to permanently breaking a network device by flashing its firmware with unsigned software

Question 16

Fork Bomb Attack

Answer 16

Attack that creates a large number of processes to consume processing resources on a PC. This is not a worm as it does not use the network to spread or infect programs

Question 17

How do you stop a DOS or DDOS

Answer 17

Make use of blackholing \ Sinkholing through identifying ip routes and traffic to non-existent server through null interface. IPS can also help to prevent small-scale DDOS. Having an elastic cloud network infrastrutre can also aid in limiting success of DDOS

Question 18

What is hijacking

Answer 18

Exploitation of a computer session in an attempt to gain unauthorized access to data, services or other resources.

Question 19

What are the 8 forms of session hijacking

Answer 19

Session theft,
TCP\IP Hijacking,
Blind Hijacking,
Click Jacking,
MITM
Man in the Browser
Waterholing
XSS - Cross Site Scripting

Question 20

What is Session Theft

Answer 20

Attacker guesses the session ID belonging to a web session. This enables them to take over the already active and authenticated session.

Question 21

what is TCP\IP Hijacking

Answer 21

When an attacker takes over a TCP Session beyween two PCs without the need of a cookie or other host access.

TCP sessions only authenticate once durring the initial 3 way handshake. If the attacker can guess the next number in the packet sequence, they can jack the session.

Question 22

What is blind hijacking

Answer 22

When an attacker blindly injects data into a communication stream without being able to see if the hijack was successful or not.

Question 23

What is clickjacking

Answer 23

Attack that uses multiple transparent web layers to trick a user into clicking on a button or link on a website, while the user thinks what they are clicking on is legit

Question 24

What is MITM

Answer 24

An attack that causes data to flow through the attackers computer where they can intercept and manipulate data

Question 25

What is MITB