Section 4.2

Question 1

Describe Denial of Service attacks

Answer 1

It’s when a malicious actor overwhelms a network or service to make it unavailable

Question 2

What is ARP poisoning/spoofing?

Answer 2

when an on-path attacker sends an ARP response to the host and changes the host’s local ARP cache with a spoofed MAC address

Question 3

What is DNS poisoning?

Answer 3

modification of DNS records to redirect to malicious websites

Question 4

Why would a malicious actor want to use spoofed credentials?

Answer 4

to avoid detection and gain access

Question 5

What can be spoofed on a network?

Answer 5

IP address, DNS, ARP, MAC address

Question 6

What are commonly spoofed for social engineering?

Answer 6

Email addresses, phone numbers, voice, video

Question 7

Why is it bad to store passwords in plain text?

Answer 7

Because if an attacker acquires the file, they’ll have access to all the passwords.

Question 8

How should passwords be stored?

Answer 8

hashed and salted

Question 9

What is a brute force attack?

Answer 9

When a malicious actor uses a trial and error process to figure out the password.

Question 10

What technique is used to execute VLAN Hopping?

Answer 10

by double-tagging

Question 11

How can you detect and block rogue DHCP communication?

Answer 11

by enabling DHCP snooping

Question 12

What is an Evil Twin?

Answer 12

an access point made to look like a legitimate one

Question 13

How is an Evil Twin different from a Rogue Access Point?

Answer 13

Evil Twin is intentionally malicious
Rogue Access Points are unauthorized and can be accidental

Question 14

What is a Deauthentication attack?

Answer 14

a wireless attack that sends fake deauthentication packets to devices to disconnect them from an AP

Question 15

What’s the difference between Tailgating and Piggybacking?

Answer 15

Tailgating: authorized person is unaware
Piggybacking: authorized person is aware

Question 16

How can shoulder surfing be prevented?

Answer 16

by using Privacy Filters