SEC+ Revision Questions Types Of Attacks Flashcards
You are inspecting a user’s system after she has complained about slow Internet usage. After analysing the system, you notice that the MAC address of the default gateway in the ARP cache is referencing the wrong MAC address. What type of attack has occurred?
A. Brute force
B. DNS poisoning
C. Buffer overflow
D. ARP poisoning
ARP poisoning
You want to implement a security control that limits the amount of tailgating in a high-security environment. Which of the following protective controls would you use?
A. Swipe cards
B. Mantrap
C. Locked door
D. CMOS settings
Mantrap
Which of the following descriptions best describes a buffer overflow attack?
A. Injecting database code into a web page
B. Using a dictionary file to crack passwords
C. Sending too much data to an application that allows the hacker to run arbitrary code
D. Altering the source address of a packet
Sending too much data to an application that allows the hacker to run arbitrary code
You are analyzing web traffic in transit to your web server and you notice someone logging on with a username of Bob with a password of “pass' or 1=1--”. Which of the following describes what is happening?
A. XML injection
B. A SQL injection attack
C. LDAP injection
D. Denial of service
A SQL injection attack
A user on your network receives an e-mail from the bank stating that there has been a security incident at the bank. The e-mail continues by asking the user to log on to her bank account by following the link provided and verify that her account has not been tampered with. What type of attack is this?
A. Phishing
B. Spam
C. Dictionary attack
D. Spim
Phishing
What type of attack involves the hacker modifying the source IP address of the packet?
A. Xmas attack
B. Spear phishing
C. Spoofing
D. Pharming
Spoofing
Which of the following files might a hacker modify after gaining access to your system in order to achieve DNS redirection?
A. /etc/passwd
B. Hosts
C. SAM
D. Services
Hosts
What type of attack involves the hacker sending too much data to a service or application that typically results in the hacker gaining administrative access to the system?
A. Birthday attack
B. Typo squatting/URL hijacking
C. Eavesdrop
D. Buffer overflow
Buffer overflow
Which of the following methods could be used to prevent ARP poisoning on the network? (Choose two.)
A. Static ARP entries
B. Patching
C. Antivirus software
D. Physical security
E. Firewall
A. Static ARP entries
D. Physical security
As a network administrator, what should you do to help prevent buffer overflow attacks from occurring on your systems?
A. Static ARP entries
B. Antivirus software
C. Physical security
D. Patching
Patching
Which of the following is the term for a domain name that is registered and deleted repeatedly so as to avoid paying for the domain name?
A. DNS redirection
B. Domain poisoning
C. Domain kiting
D. Transitive access
Domain Kiting
You receive many calls from customers stating that your web site seems to be slow in responding. You analyze the traffic and notice that you are receiving a number of malformed requests on that web server at a high rate. What type of attack is occurring?
A. Eavesdrop
B. Denial of service
C. Man in the middle
D. Social engineer
Denial of service
What type of attack is a smurf attack?
A. Distributed denial of service (DDoS)
B. Denial of service (DoS)
C. Privilege escalation
D. Malicious insider threat
Distributed denial of service (DDoS)
Your manager has ensured that a policy is implemented that requires all employees to shred sensitive documents. What type of attack is your manager hoping to prevent?
A. Tailgating
B. Denial of service
C. Social engineering
D. Dumpster diving
Dumpster diving
What type of attack involves the hacker inserting a client-side script into the web page?
A. XSS
B. Watering hole attack
C. ARP poisoning
D. SQL injection
XSS
Your manager has read about SQL injection attacks and is wondering what can be done to protect against them for your applications that were developed in-house. What would you recommend?
A. Patching
B. Antivirus
C. Input validation
D. Firewall
Input Validation
A hacker is sitting in an Internet cafe and ARP poisons everyone connected to the wireless network so that all traffic passes through the hacker’s laptop before she routes the traffic to the Internet. What type of attack is this?
A. Rainbow tables
B. Man in the middle
C. DNS poison
D. Spoofing
Man in the middle
Which of the following best describes a zero-day attack?
A. An attack that modifies the source address of the packet
B. An attack that changes the computer’s system date to 00/00/00
C. An attack that never happens
D. An attack that uses an exploit that the product vendor is not aware of yet
An attack that uses an exploit that the product vendor is not aware of yet
What type of file on your hard drive stores preferences from web sites?
A. Cookie
B. Hosts
C. LMHOSTS
D. Attachments
Cookie
What type of attack involves the hacker disconnecting one of the parties from the communication and continuing the communication while impersonating that system?
A. Man in the middle
B. Denial of service
C. SQL injection
D. Session hijacking
D. Session hijacking
What type of password attack involves the use of a dictionary file and modifications of the words in the dictionary file?
A. Dictionary attack
B. Brute-force attack
C. Hybrid attack
D. Modification attack
Hybrid attack
Which of the following countermeasures is designed to protect against a brute-force password attack?
A. Patching
B. Account lockout
C. Password complexity
D. Strong passwords
Account lockout
Three employees within the company have received phone calls from an individual asking about personal finance information. What type of attack is occurring?
A. Phishing
B. Whaling
C. Tailgating
D. Vishing
Vishing
Tom was told to download a free tax program to complete his taxes this year. After downloading and installing the software, Tom notices that his system is running slowly and he is receiving notifications from his antivirus software. What type of malware has he installed?
A. Keylogger
B. Trojan
C. Worm
D. Logic bomb
Trojan
Jeff recently reported that he is receiving a large number of unsolicited text messages to his phone. What type of attack is occurring?
A. Bluesnarfing
B. Whaling
C. Bluejacking
D. Packet sniffing
Bluejacking
An employee is suspected of sharing company secrets with a competitor. After seizing the employee’s laptop, the forensics analyst notices that there are a number of personal photos on the laptop that have been e-mailed to a third party on the Internet. When the analyst compares the hashes of the personal images on the hard drive to what is found in the employee’s mailbox, the hashes do not match. How was the employee sharing company secrets?
A. Digital signatures
B. Steganography
C. MP3Stego
D. Whaling
Steganography
You arrive at work today to find someone outside the building digging through their purse. As you approach the door, the person says, “I forgot my pass at home. Can I go in with you?” What type of attack could be occurring?
A. Tailgating
B. Dumpster diving
C. Brute force
D. Whaling
Tailgating
Your manager has requested that the combo pad locks used to secure different areas of the company facility be replaced with electronic swipe cards. What type of social engineering attack is your manager hoping to avoid with this change?
A. Hoaxes
B. Tailgating
C. Dumpster diving
D. Shoulder surfing
Shoulder Surfing
Your manager has been hearing a lot about social engineering attacks and wonders why such attacks are so effective. Which of the following identifies reasons why the attacks are so successful? (Choose three.)
A. Authority
B. DNS poisoning
C. Urgency
D. Brute force
E. Trust
Authority, Urgency