SECFND: Understanding Network Applications
The web server's certificate
What is presented from the web server to the client browser in order for the browser to authenticate the web server?
The attacker waits until after a communication session is established.
What is the key to the success of an MITM attack?
provides basic Layer 3 functions for the Layer 2 switch ports assigned to a VLAN
What is the purpose of the switched virtual interface on a multilayer switch?
referral message
What kind of response message can a root name server send to the DNS recursor to inform it to ask the gTLD name servers for the .com domain name space?
IMAP
What protocol uses TCP port 143:
IMAP, POP, MAPI
What three protocols are used to retrieve email?
Sender and recipients
What two options are contained in the SMTP envelope?
HTTP Headers, & HTTP cookies
What two types of information are encrypted by the HTTPS protocol?
drive-by-download
What type of attack describes malicious JavaScript, which redirects an unsuspecting user to download malware from a remote website?
ACK or RST
Which TCP flag(s) must be set in a packet in order for the packet to match an ACL entry that contains the established keyword?
HTTP/HTTPS
Which of the following protocols is typically used as the communication channel between the client and the DDNS provider?
HELO, QUIT, DATA
Which three are SMTP commands?
Cookie information is sent in the response header, cookie information is sent in the request header, & cookie information is stored on the client's browser
Which three are important distinctions of HTTP?
to encrypt the data that is sent between the browser and the web server, to ensure the identity, trust, and validity of the web server, and to avoid detection when used to transport the attack CnC traffic
Which three are reasons for using HTTPS?
GET, PUT, HEAD
Which three are valid HTTP request methods?
SELECT, UPDATE, ALTER
Which three are valid SQL commands?
Expires, Domain, Path
Which three are valid fields in the Set-Cookie HTTP header?
MX maps a domain name to a list of mail servers for that domain
MX record:
AAAA is used to map hostnames to the IPv6 address of the host
AAAA record:
The CAM table is the primary table that is used to make Layer 2 forwarding decisions. The table is built by recording the source MAC address and inbound port of all incoming frames
CAM table
A CNAME record is used to specify that a domain name is an alias for another domain name, which is the "canonical" domain name
CNAME record:
VBscript, Javascript
Common client-side scripting languages are:
A record
DNS A record:
The RR defines the DNS data types that are stored in the DNS database
DNS Resource record:
Request was successful
HTTP server response code 200:
Resource moved permanently
HTTP server response code 301:
Requires authentication with server
HTTP server response code 401:
Access Denied
HTTP server response code 403:
proxy authentication required
HTTP server response code 407:
to permit only the returning TCP packets from an already existing TCP connection, and deny the initial TCP packet of a new session from an untrusted network
How can the established keyword in an ACL entry be used?
An NS record identifies the DNS servers that are responsible (authoritative) for a zone.
NS record:
A PTR points to a canonical name. The most common use is for implementing reverse DNS lookups, mapping an IP address to the hostname
PTR record:
A TXT record is used to associate any arbitrary text with a hostname. This record type is only used in specific cases such as Domain Keys Identified Mail, used as a method to detect email spoofing.
TXT record:
named anchor
Referring to the sample URL below, #section1 is which part of the URL? http://www.example.com/document/?docid=123456#section1
The plus (+) signs are used to represent the space character.
Referring to the sample URL below, what statement is correct? http://www.test.example.com/tags/html_form_submit.asp?text=Hello+C+C+N+A
Ne=292 and N=461 are the URL parameters.
Referring to the sample URL below, what statement is correct? http://www.example.com/hotel-search-results.jsp?Ne=292&N=461
Success
SMTP client reply code 2xx:
OK so far
SMTP client reply code 3xx:
Temporary failure
SMTP client reply code 4xx:
Permanent failure
SMTP client reply code 5xx:
Each zone contains an SOA record. The SOA record identifies the name server that is the best source of information for the data within the zone.
SOA record:
The web script may deliver malware without the user's knowledge.
What is a threat to the end user regarding web scripting?
The TCAM table stores ACL, QoS, and other information that is generally associated with upper-layer processing.
TCAM table
Traffic is encrypted between the client and the server
What is an advantage to using HTTPS?
VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all devices that will receive broadcast frames originating from any device within the set. Broadcast domains are typically bounded by routers because routers do not forward broadcast frames.
VLANS define what?
HTTP cookie
What HTTP feature is a small piece of data that is sent from the web server and stored in the user's web browser while the user is browsing?
HEAD
What HTTP method is used to request a response without the response body?
RDATA, TTL, CLASS
What are three valid fields in a DNS resource record?
data modification, theft or extraction of data
What are two main goals of SQL injection attacks?
authoritative
What is a DNS server that is responsible for the RRs for its zones considered to be?
SQL is used to query, operate, and administer a relational database
What is a characteristic of SQL?
Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching, but also forward frames that are based on Layer 3 and 4 information. Multilayer switches use ASIC hardware to perform header rewrites and forwarding.
What is a multilayer switch?
recursive resolution
What uses the most resources on the DNS resolver?
a logically defined broadcast domain on one or more switches
Which one of the following options best describes a VLAN?
POP
Which protocol uses the well-known TCP port 110?
DDNS is a popular choice for home users who wish to host a website, & DDNS is often used by attackers for CnC servers.
Which two statements are true about DDNS?
because they are exposed to the Internet
Why are open DNS resolvers vulnerable to attacks?
A DNS zone:
a contiguous portion of the domain name space in the DNS for which the administrative responsibility has been delegated to a single manager
query DNS servers for A records, display the default DNS server , & display all mail servers for a domain
nslookup does: