Network threats Flashcards

1
Q

What are the common Network Attacks?

A

DOS
Spoofing
Session Hijacking
Replay Attacks
Transitive Attacks
DNS Attacks
ARP Poisoning

2
Q

What is a port?

A

Logical communication endpoint that exists on a computer or server

3
Q

What is an inbound port?

A

A logical communication opening on a server that is listening for a connection from a client

4
Q

What is an outbound port?

A

Logical communication opening on a client that is used to send requests and data to another device's listening inbound port

5
Q

What are the well-known ports?

A

0-1023. They are designated by IANA

6
Q

What are the registered ports?

A

1024-49,151. Considered registered and assigned to proprietary protocols

7
Q

What are the dynamic/private ports?

A

49,152 to 65,535. These can be used by any application without being registered by IANA

8
Q

What is a DOS attack and the 5 main methods?

A

An attack with the intention of rendering a server or computer unusable.
Common Methods:
Flood Attack
Fork Bomb
Ping of death
TearDrop
Permanent DOS

9
Q

What are the different methods of flood attacks?

A

Ping flood
Smurf Attack
Fraggle Attack
SYN Attack
XMAS Attack

10
Q

Describe a Smurf Attack

A

Attacker sends a ping to the subnet broadcast address, and devices reply with their IP, causing an increase in bandwidth usage

11
Q

Describe a Fraggle Attack

A

Attacker sends a UDP echo packet to ports 7 and 19 to flood a server with UDP packets

12
Q

SYN Attacks

A

Attacker initiates multiple TCP sessions, but never completes the 3-way handshake

13
Q

What is a Ping of death?

A

Attack that sends an oversized and malformed packet to another computer or server

14
Q

What is a Tear Drop Attack?

A

Packets are broken into IP fragments, modified with overlapping and oversized payloads, and then sent to a victim

15
Q

PDOS - what is it?

A

An attack which exploits a security flaw to permanently break a network device by flashing its firmware with unsigned software

16
Q

Fork Bomb Attack

A

Attack that creates a large number of processes to consume processing resources on a PC. This is not a worm as it does not use the network to spread or infect programs

17
Q

How do you stop a DOS or DDOS?

A

Make use of blackholing/sinkholing: identify the attacking IP traffic and route it to a non-existent server through a null interface. An IPS can also help to prevent small-scale DDOS. Having an elastic cloud network infrastructure can also aid in limiting the success of a DDOS

18
Q

What is hijacking?

A

Exploitation of a computer session in an attempt to gain unauthorized access to data, services or other resources.

19
Q

What are the 8 forms of session hijacking?

A

Session theft
TCP/IP Hijacking
Blind Hijacking
Click Jacking
MITM
Man in the Browser
Waterholing
XSS - Cross Site Scripting

20
Q

What is Session Theft?

A

Attacker guesses the session ID belonging to a web session. This enables them to take over the already active and authenticated session.

21
Q

What is TCP/IP Hijacking?

A

When an attacker takes over a TCP session between two PCs without the need of a cookie or other host access.

TCP sessions only authenticate once, during the initial 3-way handshake. If the attacker can guess the next number in the packet sequence, they can hijack the session.

22
Q

What is blind hijacking?

A

When an attacker blindly injects data into a communication stream without being able to see if the hijack was successful or not.

23
Q

What is clickjacking?

A

Attack that uses multiple transparent web layers to trick a user into clicking on a button or link on a website, while the user thinks what they are clicking on is legit

24
Q

What is MITM?

A

An attack that causes data to flow through the attacker's computer, where they can intercept and manipulate data

25
Q

What is MITB?

A