Networks and Network Security Flashcards

module three

1
Q

What is a DDoS attack?

A

Distributed Denial of Service (DDoS) attack, which uses multiple devices to flood the target network with unwanted traffic.

2
Q

Describe a SYN flood attack.

A

An attack that poses as a TCP connection, flooding a server with packets simulating the first step of the TCP handshake.

3
Q

What happens during a Ping of Death attack?

A

A hacker sends a system an ICMP packet that is bigger than 64KB, causing the system to crash.

4
Q

What is a key characteristic of an on-path attack?

A

The attacker intercepts and potentially alters communication between two trusted devices.

5
Q

Define packet sniffing.

A

The practice of capturing and inspecting data packets traveling across a network.

6
Q

How does IP spoofing work?

A

An attacker changes the source IP of a data packet to impersonate an authorized system.

7
Q

What is a smurf attack?

A

A network attack where an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.

8
Q

Explain a replay attack.

A

An attack where a malicious actor intercepts a data packet in transit and delays it or repeats it at another time.

9
Q

What does a security information and event management (SIEM) tool do?

A

Collects and analyzes log data to monitor critical activities within an organization.

10
Q

What are the key uses of a network protocol analyzer like tcpdump?

A

To capture and analyze data traffic within a network for monitoring and identifying suspicious activity.

11
Q

What is an ICMP flood?

A

A type of DoS attack where an attacker repeatedly sends ICMP request packets to a network server.

12
Q

How can a firewall help prevent network attacks?

A

By monitoring and filtering incoming and outgoing traffic based on a set of security rules.

13
Q

What is the purpose of a controlled zone in network security?

A

To protect a company’s internal network from an uncontrolled security zone.

14
Q

Define a backdoor attack.

A

An attack where weaknesses are intentionally left by programmers to bypass normal access control mechanisms.

15
Q

What impact can a DDoS attack have on an organization?

A

It can cause financial loss, damage to reputation, and disrupt public safety.

16
Q

How does an intrusion detection system (IDS) function?

A

It monitors system activity and alerts administrators to possible intrusions based on the signature of malicious traffic.

17
Q

What is the role of an intrusion prevention system (IPS)?

A

To monitor system activity for intrusive actions and take action to stop them.

18
Q

What is a botnet?

A

A collection of computers infected by malware and controlled by a single threat actor.

19
Q

Describe the process of cryptographic erasure.

A

Destroying the cryptographic keys used for decrypting data, making the data undecipherable.

20
Q

What is the purpose of hashing and salting in security?

A

To convert information into a unique value (hashing) and add random characters (salting) to increase security.

21
Q

How can multi-factor authentication (MFA) enhance security?

A

By requiring users to verify their identity in two or more ways to access a system or network.

22
Q

What is the significance of a virtual machine (VM) in cybersecurity?

A

It provides an isolated environment to run code, preventing malicious code from affecting the rest of the system.

23
Q

Explain the concept of sandboxing in cybersecurity.

A

A testing environment that allows software or programs to run separately from the network to detect vulnerabilities or malware.

24
Q

What is the purpose of a baseline configuration in security?

A

To serve as a fixed reference point for comparing changes made to a system or environment.

25
Q

How can CAPTCHA and reCAPTCHA prevent brute force attacks?

A

By requiring users to complete tests that prove they are human, preventing automated attacks.