Threats & Vulnerabilities Flashcards
What is the difference between a DoS and a DDoS
DoS is typically conducted from a single system, DDoS uses multiple compromised systems to attack the target.
An attempt to flood the bandwidth or resources of a targeted system so that it becomes overwhelmed with false requests and in result doesn’t have time or resources to handle legitimate requests is called:
DoS attack
A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is called:
0 day
Which of the following attacks relies on intercepting and altering data sent between two networked hosts?
Man in the middle (MITM) attack
An attack against encrypted data that relies heavily on computing power to check all possible password combinations until the correct one is found is known as:
Brute Force Attack
Which password attack takes advantage of a predefined list of words?
Dictionary attack
What can be used to speed up the process of password guessing
Rainbow tables
What is contained in a rainbow table
Hash / Passwords
An email sent from unknown source disguised as a trusted source known to the message receiver is an example of: [2]
- Spoofing
- Social Engineering
What kind of general term is used to describe the process of securing a computer system?
Hardening
The intermediary systems used as a platform for a DDoS attack are often referred to as:
Zombies
A GROUP of intermediary systems used as a platform for a DDoS attack are often referred to as:
A botnet.
What defines a set of rules enforced in a network tha t the clients attempting to access the network must comply with?:
NAC ( Network Access Control)
When can NAC policies be enforced?
Before or after end-stations gain access to the network
Define Pre-Admission NAC:
Where a host must, for example, be virus free or have patches applied before it can be allowed to connect to the network
