CH11 Denial of Service


12. What response is missing in a SYN flood attack? A. ACK B. SYN C. SYN-ACK D. URG

A. ACK

4. In a DDoS attack, what communications channel is commonly used to orchestrate the attack? A. Internet Relay Chat (IRC) B. MSN Messenger C. ICMP D. Google Talk

A. Internet Relay Chat (IRC)

14. Which of the following attacks forges a TCP packet as both the source and destination IP address of the victim and causes the victim's computer to freeze or crash? A. Land B. Fraggle C. Teardrop D. Smurf

A. Land

2. Which DoS attack sends traffic to the target with a spoofed IP of the target itself? A. Land B. Smurf C. Teardrop D. SYN flood

A. Land

9. What is the key difference between a smurf and a fraggle attack? A. TCP vs. UDP B. TCP vs. ICP C. UDP vs. ICMP D. TCP vs. ICMP

A. TCP vs. UDP

11. What is the most common sign of a DoS attack? A. Weird messages B. Rebooting of a system C. Slow performance D. Stolen credentials

C. Slow performance

7. What command-line utility can you use to craft custom packets with specific flags set? A. Nmap B. Zenmap C. Ping D. hping3

D. hping3

16. Which of the following attacks uses UDP packets to target the broadcast address and cause a DoS? A. Smurf B. Fraggle C. Land D. Teardrop

B. Fraggle

18. What is the name for the dynamic memory space that, unlike the stack, doesn't rely on sequential ordering or organization? A. Pointer B. Heap C. Pile D. Load

B. Heap

23. When applications create variable memory segments in a dynamic fashion, what type of memory is being used? A. Stack B. Heap C. Virtual memory D. Virtual stack

B. Heap

19. The stack operates on a __________ basis. A. FIFO B. LIFO C. FILO D. LILO

B. LIFO

10. What is the main difference between DoS and DDoS? A. Scale of attack B. Number of attackers C. Goal of the attack D. Protocols in use

B. Number of attackers

20. Adding to and removing from a program stack are known as what? A. Pop and lock B. Push and pop C. Stack and pull D. Plus and minus

B. Push and pop

PICTURE 17. While monitoring traffic on the network, Jason captures the following traffic. What is he seeing occur? A. ICMP flood B. SYN flood C. Teardrop D. Land

B. SYN flood

6. What is an eight-in-one DoS tool that can launch such attacks as land and teardrop? A. Jolt B. Targa C. TFN2K D. Trinoo

B. Targa

13. A method that defends against a flooding attack and massive DoS attacks is referred to as what? A. Defense in depth B. Spam blocker C. Flood safe D. Flood guard

D. Flood guard

1. Jason is the local network administrator who has been tasked with securing the network from possible DoS attacks. Within the last few weeks, some traffic logs appear to have internal clients making requests from outside the internal LAN. Based on the traffic Jason has been seeing, what action should he take? A. Throttle network traffic. B. Update antivirus definitions. C. Implement egress filtering. D. Implement ingress filtering.

D. Implement ingress filtering.

15. Which type of network uses a group of zombie computers to carry out the commands of the bot master? A. Zombie net B. Zombie group C. Botnet D. Bot herd

C. Botnet

21. Which pointer in a program stack gets shifted or overwritten during a successful overflow attack? A. ESP B. ECP C. EIP (Extended Instruction Pointer) D. EBP

C. EIP (Extended Instruction Pointer)

5. What is a single-button DDoS tool suspected to be used by groups such as Anonymous? A. Trinoo B. Crazy Pinger C. LOIC D. DoSHTTP

C. LOIC

3. Zombies Inc. is looking for ways to better protect their web servers from potential DoS attacks. Their web admin proposes the use of a network appliance that receives all incoming web requests and forwards them to the web server. He says it will prevent direct customer contact with the server and reduce the risk of DoS attacks. What appliance is he proposing? A. Web proxy B. IDS C. Reverse proxy D. Firewall

C. Reverse proxy

8. What protocol is used to carry out a fraggle attack? A. IPX B. TCP C. UDP D. ICMP

C. UDP

22. Which function(s) are considered dangerous because they don't check memory bounds? (Choose all that apply.) A. gets() B. strcpy() C. scanf() D. strcat() E. All above.

E. All above.

