Week 9 - MiM Attack & DDoS Flashcards

1
Q

What is a web app?

A

An application that runs in a web browser and requires an active network connection.

2
Q

At what layer do the client side and server side interact?

A

Application Layer.

3
Q

What is HTTP?

A

Hypertext Transfer Protocol is used to communicate between client and server.

4
Q

True or False. HTTP is not stateless?

A

False. HTTP is stateless.

5
Q

How many HTTP methods are there?

A
  1. GET, POST, HEAD, OPTIONS, PUT, PATCH.
6
Q

What is URL?

A

Uniform Resource Location.
Structure: protocol://hostname[:port]/[path/]file[?param=value]
Example: https://staffportal.curtin.edu.au/wplogin.php?foo=ba

7
Q

What is a cookie?

A

Short-lived storage on the client; it is a way to maintain state. This means authentication can exist (stateful).

8
Q

List a few advantages of cookies.

A

User friendly
Convenience
Marketing
Configurations
Server Requirements
Availability

9
Q

What is a proxy server?

A

A system or router that provides a gateway between users and the web app/servers.

10
Q

List a couple of advantages of a proxy server.

A

+ Balance internet traffic to prevent crashes.
+ Control the websites that employees and staff access in the office.
+ Save bandwidth by caching files or compressing incoming traffic.
+ Secure employees’ internet activity from people trying to snoop on them.

11
Q

What is a Man-in-the-Middle Attack (MIM Attack)?

A

Involves a compromised proxy that an attacker gains control over and that sits between a client and a target server.

12
Q

What can happen with a MIM attack?

A

The attacker can intercept, modify, or eavesdrop on the communication between the client and the target server, potentially leading to various security and privacy issues.

13
Q

How to mitigate a proxy attack?

A

Use HTTPS. HTTP over TLS/SSL to encrypt normal HTTP requests and responses.

14
Q

Can Burp Suite intercept HTTPS?

A

Yes, but TLS-encrypted traffic must be decrypted. This can occur if Burp has private key or certificate access.

15
Q

What is a Denial of Service attack (DoS)?

A

A single attacker uses their own computer and network to flood the victim’s server in order to shut down the target service.

16
Q

What is the key difference between DoS and DDoS?

A

DDoS leverages a group of remote systems that are compromised and under the attacker’s control (botnet) to perform a denial of service.

17
Q

List three types of DoS attacks.

A
  1. Volume-based DoS Attack
    - Flood the target with an enormous amount of server bandwidth (100GpS). Targeting the server’s bandwidth.
  2. Protocol-based DoS Attack
    - Targeting vulnerabilities or weaknesses in OSI model layer 3 or layer 4. Protocol-based attacks fill the server resources, so there is no place to store the upcoming requests.
  3. Application-based DoS Attack
    - Targeting the top layer in the OSI model, layer 7 (stealthy).
18
Q

How to mitigate a DoS Attack?

A

+ Traffic filtering and rate limiting
    - Block suspicious traffic & limit requests
+ Intrusion Detection & Prevention Systems (IDS/IPS)
    - Block suspicious traffic patterns.
+ Monitoring and Logging
    - Log system to detect unusual traffic patterns