Networks and Network Security Flashcards
Module three
What is a DDoS attack?
A Distributed Denial of Service (DDoS) attack uses multiple devices to flood the target network with unwanted traffic.
Describe a SYN flood attack.
An attack that poses as a TCP connection, flooding a server with packets simulating the first step of the TCP handshake.
What happens during a Ping of Death attack?
A hacker sends a system an ICMP packet that is bigger than 64KB, causing the system to crash.
What is a key characteristic of an on-path attack?
The attacker intercepts and potentially alters communication between two trusted devices.
Define packet sniffing.
The practice of capturing and inspecting data packets traveling across a network.
How does IP spoofing work?
An attacker changes the source IP of a data packet to impersonate an authorized system.
What is a smurf attack?
A network attack where an attacker sniffs an authorized user’s IP address and floods it with ICMP packets.
Explain a replay attack.
An attack where a malicious actor intercepts a data packet in transit and delays it or repeats it at another time.
What does a security information and event management (SIEM) tool do?
Collects and analyzes log data to monitor critical activities within an organization.
What are the key uses of a network protocol analyzer like tcpdump?
To capture and analyze data traffic within a network for monitoring and identifying suspicious activity.
What is an ICMP flood?
A type of DoS attack where an attacker repeatedly sends ICMP request packets to a network server.
How can a firewall help prevent network attacks?
By monitoring and filtering incoming and outgoing traffic based on a set of security rules.
What is the purpose of a controlled zone in network security?
To protect a company’s internal network from an uncontrolled security zone.
Define a backdoor attack.
An attack where weaknesses are intentionally left by programmers to bypass normal access control mechanisms.
What impact can a DDoS attack have on an organization?
It can cause financial loss and damage to reputation, and can disrupt public safety.
How does an intrusion detection system (IDS) function?
It monitors system activity and alerts administrators to possible intrusions based on the signature of malicious traffic.
What is the role of an intrusion prevention system (IPS)?
To monitor system activity for intrusive actions and take action to stop them.
What is a botnet?
A collection of computers infected by malware and controlled by a single threat actor.
Describe the process of cryptographic erasure.
Destroying the cryptographic keys used for decrypting data, making the data undecipherable.
What is the purpose of hashing and salting in security?
To convert information into a unique value (hashing) and add random characters (salting) to increase security.
How can multi-factor authentication (MFA) enhance security?
By requiring users to verify their identity in two or more ways to access a system or network.
What is the significance of a virtual machine (VM) in cybersecurity?
It provides an isolated environment to run code, preventing malicious code from affecting the rest of the system.
Explain the concept of sandboxing in cybersecurity.
A testing environment that allows software or programs to run separately from the network to detect vulnerabilities or malware.
What is the purpose of a baseline configuration in security?
To serve as a fixed reference point for comparing changes made to a system or environment.
How can CAPTCHA and reCAPTCHA prevent brute force attacks?
By requiring users to complete tests that prove they are human, preventing automated attacks.