Section 19.184 On-path Attacks Flashcards

Objective 2.4 Given a scenario, you must be able to analyse indicators of malicious activity

1
Q

On-path Attacks

A

An attack where the attacker positions their workstation logically between two hosts during communication

■ The attacker transparently captures, monitors, and relays communications between those hosts

2
Q

Methods for On-Path Attacks

ARP Poisoning

A

Manipulating Address Resolution Protocol (ARP) tables to redirect network traffic

3
Q

Methods for On-Path Attacks

DNS Poisoning

A

Altering DNS responses to reroute traffic

4
Q

Methods for On-Path Attacks

Rogue Wireless Access Point

A

Creating a fake wireless access point to intercept traffic

5
Q

Methods for On-Path Attacks

Rogue Hub or Switch

A

Introducing a malicious hub or switch to capture data on a wired network

6
Q

Replay Attack

A

Occurs when an attacker captures valid data and then replays it immediately or with a delay

■ Common in wireless network attacks; can also be used in wired networks

7
Q

Relay Attack

A

The attacker becomes part of the conversation between two hosts

■ Serves as a proxy and can read or modify communications between the hosts

■ Any traffic between the client and server goes through the attacker

8
Q

Challenges with Replay and Relay

A

Encryption can make interception and crafting communication difficult

■ Strong encryption schemes like TLS 1.3 can pose significant challenges for attackers

■ Techniques like SSL stripping may be used to downgrade encryption to an unsecured connection

9
Q

SSL Stripping

A

○ An attack that tricks the encryption application into presenting an HTTP connection instead of HTTPS

○ Enables attackers to capture unencrypted data when the user believes they are using a secure connection

10
Q

Downgrade Attack

A

An attacker forces a client or server to abandon a higher security mode in favor of a lower security mode

■ Scope of Downgrade Attacks:
● Downgrade attacks can be used with various encryption and protection methods, including Wi-Fi and VPNs

● Any situation where a client agrees to a lower level of security that is still backward compatible can be vulnerable to a downgrade attack
