Threats, Vulnerabilities, and Mitigations (OBJ 2.0) Flashcards
Kelly Innovations LLC, an e-commerce website, experienced a sudden spike in its incoming traffic. The website’s logs showed that thousands of requests were being sent per second, originating from just a handful of IP addresses. However, upon further analysis, it was revealed that the request packets contained IP addresses that were not part of the originating addresses. The server quickly became overloaded, preventing access to legitimate users. Which of the following types of malicious activities is BEST described in this scenario?
Amplified DDoS attack
Which of the following email security techniques specifically utilizes email certificates to authenticate and safeguard email content?
S/MIME (Secure Multipart Internet Message Extensions) leverages email certificates to both sign and encrypt email content, ensuring both authenticity and confidentiality.
DMARC
Domain-based Message Authentication, Reporting & Conformance (DMARC) focuses primarily on the authenticity of the domain from which emails originate, rather than on using certificates to sign and encrypt the email content itself.
Transport Layer Security TLS
Transport Layer Security primarily encrypts the communication path between servers, but it doesn’t use individual email certificates for signing and encrypting content within the email.
SPF
Sender Policy Framework verifies the legitimacy of the sender’s IP against a list of approved IPs for the domain, but doesn’t use email certificates for content encryption or signature.
A hacktivist group targets a government website, flooding it with traffic to take it offline. They claim responsibility for the attack, stating that their goal is to protest the government’s new policies that they view as oppressive and harmful to civil liberties. What is the primary motivation for this attack?
Philosophical Beliefs (Correct)
Service Disruption
Blackmail
Financial Gains
