Threats and Vulnerabilities

Question 1

DOS (Denial of Service)

Answer 1

attack that attempts to make a computers resources unavailable

Question 2

Flood Attack

Answer 2

specialized type of denial of service that attempts to send more packets to a server or host than it can handle

Question 3

ping flood

Answer 3

type of flood attack in which too many ICMP echo requests are being sent

Question 4

syn flood

Answer 4

type of flood attack in which attacker initiates multiple tcp sessions but never completes threeway handshake

Question 5

How Can flood attacks be mitigated

Answer 5

Flood Guards- detect syn floods and block requests, Timeouts- timeout on a half open request, IPS (intrusion prevention systems)

Question 6

Permanent Denial of Service (PDOS)

Answer 6

exploits a security flaw to permanently break a networking device, rebooting wont fix the break , reflashes firmware

Question 7

fork bomb/rabbit attack

Answer 7

attack that creates many processes to use up available processing power of a computer, not a worm, only spread out inside processors cache on a single computer

Question 8

DDOS (distributed Denial of Service)

Answer 8

use lots of machines to attack a server to create denial of service

Question 9

DNS Amplification

Answer 9

allows attacker to send packets to flood victims website to initiate DNS requests from a spoof version of targets IP address

Question 10

How to mitigate or beat DDOS?

Answer 10

blackwhole/sinkhole- reroutes attacking IP addresses and routes them to a nonexistent server through null interface
IPS- identify and respond to small scale DDOS attacks
Elastic Cloud infrastructure- scale up when demand increases

Question 11

spoofing

Answer 11

when attacker masquerades as another person by falsifing their identity

Question 12

IP Spoofing

Answer 12

modifies source address of an IP packet to hide the identity of sender or impersonate another client or both, layer 3 of the OSI model

Question 13

MAC Address Spoofing

Answer 13

changing mac address to pretend the use of a different NIC Or device, layer 2 of the OSI model

Question 14

On path attack

Answer 14

AKA man in the middle attack, attackers put themselves logically between the victim and the intended destination

Question 15

ARP poisoning

Answer 15

on path attack on local IP subnet in which the attacker sends their own mac addresss instead of intended mac address so that you are communicating with them and not the device that you though you were

Question 16

DNS Poisoning

Answer 16

similar to ARP poisoning but with DNS

Question 17

Rogue WAP

Answer 17

types of on path attack

Question 18

Rogue Switch or hub

Answer 18

type of on path attack

Question 19

replay

Answer 19

valid data is captured by the attacker and is then repeated immediately or delated and then repeated

Question 20

relay

Answer 20

attacker inserts themselves in between two hosts, attacker becomes proxy between the two hosts, attacker can read and modify communications

Question 21

SSL stripping

Answer 21

attacker tricks encryption application into presenting the user with a http connection instead of a https connection

Question 22

downgrade attack

Answer 22

attacker attempts to have a client or server abandon a high security mode in favor for a lower security mode

Question 23

SQL injection

Answer 23

attack where insertion of an SQL query via input data from client to web application

Question 24

cross site scripting (XXS)

Answer 24

attacker embeds malicious scripting commands on a trusted website, attacker is trying to elevate privileges, steal information from victims cookies or gain information stored by victims web browser,

Question 25

How can user prevent XXS attacks

Answer 25

increasing security settings for cookie storage and disabling scripting languages when browsing the web

Question 26

XXSRF (cross site request forgery)

Answer 26

attacker forces a user to execute actions on a webserver for which they are already authenticated

Question 27

how to prevent XXSRF attacks?

Answer 27

Captchas
tokens
xml file scanning
encryption
cookie verification