4.0 Network Attacks

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network. If the cordless phones are causing the interference, which two of the following wireless standards could the network be using?

802.11b, Bluetooth

Which of the following describes a man-in-the -middle?

A false server intercepts communications from a client by impersonating the intended server.

Which of the following attacks tries to associate an incorrect MAC address with a known IP address?

ARP poisoning

Which of the following best describes an evil twin?

An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information

When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?

An unauthorized user gaining access to sensitive resources

Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?

Backdoor

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Bluejacking

You have just purchased a new network device and are getting ready to connect it to your network. What should you do to increase its security?

Change all default passwords and apply all patches and updates

What is spoofing?

Changing or falsifying information in order to mislead or re-direct traffic

As the victim of a Smurf attack, what protection measure is the most effective during the attack?

Communicating with your upstream provider

Which of the following is an example of privilege escalation?

Creeping privileges

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

DDoS

Which of the following is NOT a protection against session hijacking?

DHCP reservations

Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?

DNS poisoning

While using the Internet, you type the URL of one of you favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the server, the correct site is displayed. Which type of attack has likely occurred?

DNS poisoning

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

Denial of Service

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of Service attack

Which of the following is the best protection to prevent attacks on a mobile phone through the Bluetooth protocol?

Disable Bluetooth on the phone

What is the goal of a TCP/IP hijacking attack?

Executing commands or accessing resources on a system the attacker doesn't otherwise have authorization to access

Which of the following identifies an operating system or network service based upon its ICMP message quoting (response) characteristics?

Fingerprinting

Which of the following are denial of service attacks?

Fraggle and Smurf

Which of the following is the best countermeasure against man-in-the middle attacks?

IPSec

A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While she normally works from her office, today she is trying to access the wireless network from a conference room which is across the hall and next to the elevator. What is the most likely cause of her connectivity problem?

Interference is affecting the wireless signal

Which of the following attacks of successful causes a switch to function like a hub?

MAC flooding

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

Man-in-the-middle attack

Which of the following locations will contribute the greatest amount of interference for a wireless access point

Near backup generators Near Cordless pones

A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Privilege escalation

An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if the user account is used to perform admin functions?

Privilege escalation

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network office. What type of security risk is this?

Rouge access point

What is modified in the most common form of spoofing on a typical IP packet?

Source address

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?

Spoofing

Which type of activity changes or falsifies information in order to mislead or re-direct traffic?

Spoofing

What is the main difference between a DoS attack and a DDoS attack?

The DDoS uses zombie computers

Which statement best describes IPSec when used in tunnel mode?

The entire data packet, including headers, is encapsulated

You suspect that an Xmas tree attack is occurring on a system. Which two of the following could result if you do not stop the attack?

The threat agent will obtain info on open ports and the system will be unavailable for legit requests

Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: A wireless television distribution system running @2.4GHz A wireless phone system running @5.8GHz A wireless phone system running @900MHz An 802.11a wireless network running in the 5.725-5.850GHz range *An 802.11j wireless network running in the 4.9-5.0GHz range Since this equipment was installed, you wireless network has been experiencing significant interference. Which system is to blame?

The wireless TV system

What purposes does a wireless site survey serve? 2 answers

To identify the coverage areas and preferred placement of access points, and identify existing sources or potential sources of interference.

Which of the following best describes Bluesnarfing?

Unauthorized viewing calendar, e-mails, and messages on a mobile device.

Which of the following describes how a router can be used to implement security on your network?

Use an access control list to deny traffic from a specific IP address.

Which of the following describes marks that attackers place outside a building to identify an open wireless network?

War Chalking

The process of walking around an office building with an 802.11 signal detector is known as what?

War driving

What are the most common network traffic packets captured and used in a replay attack?

authentication

You need to enumerate the devices on your network and display the configuration details of the network. Which of the following utilities should you use.

nmap


Kaugnay na mga set ng pag-aaral

Digital Marketing Quiz Questions

View Set

Federal Law - Credit & information

View Set

Chapter 6-E: Insurance Rules and Regulations

View Set

Lecture 7: Module 2: Musculoskeletal (MSK) Conditions

View Set

L7, (Strength of Acids and Bases) Chemistry B Unit 2: Solutions, Acids, and Bases

View Set

Interpersonal Communication Exam 2 (Ch. 5-8)

View Set

Vocabulary Workshop Level F: Unit 11

View Set