Threat, Vulnerabilities and Mitigations: Indicators of Network Attacks Flashcards
What are some signs of DDoS attacks?
Distributed denial-of-service (DDoS) attacks are network-based and are typically indicated by:
High network-bandwidth utilization and inbound traffic.
Can’t access network services, such as websites, the cloud, and servers.
Can’t access your network.
Overloaded network appliances:
-DDoS attacks can be used to crash firewalls, intrusion detection systems (IDS) and intrusion prevention systems (IPS).
What are signs of DNS attacks?
Domain name system (DNS) attacks can include:
Domain takeover and hijacking.
Domain spoofing and poisoning:
-Static DNS server set for the network adapter in Windows: check with ipconfig /all
-Modified hosts file (Windows) or resolv.conf file (Linux/Unix)
-Poisoned DNS cache: check with ipconfig /displaydns
What are signs of Wireless attacks?
Hallmarks of wireless attacks are:
Poor network performance over Wi-Fi.
Unauthorized devices on network: check the list of connected hosts using the admin console.
Changes to access point (AP) or router settings:
-Service set identifier (SSID)
-Password or pre-shared key (PSK)
-DNS
-Firewall rules
What does an inability to connect to Wi-Fi indicate?
Inability to connect to Wi-Fi:
Disassociation and/or deauthentication attack.
Jamming
What are signs of a rogue AP attack?
Rogue APs and/or Evil Twins:
Unusual requests for network credentials.
What are the signs of MiTM/On Path Attack?
Man-in-the-middle (MiTM) or on-path attack indicators can include:
Anything strange with Secure Sockets Layer (SSL)/Transport Layer Security (TLS):
-Certificate warnings
-Certificate mismatches: compare against the known certificate for the site in question
Unexpected login prompts
Strange emails, such as responses to emails you never sent or odd responses to messages you did send.
Unexpected SMS verifications.
What are signs of a credential replay attack?
Credential replay indicators can include:
Unexpected account lockouts: an attacker might be trying to reuse credentials repeatedly.
Unusual login activity, such as:
Email notifications that a new login has occurred
Emails that contain privileged information about a login, such as:
-Device type
-Operating system (OS)
-IP geolocation
-Time of login
Suspicious account changes, such as modifications to:
-Phone numbers
-Backup accounts
-Signed-in devices
What are some signs of malicious code being used in a network attack?
Hallmarks can include:
Known Command and Control (C2) traffic.
Data exfiltration.