Chapter 9: Network Risk Management

What characteristic of ARP makes it particularly vulnerable to being used in a DoS attack?

ARP performs no authentication, and so is highly vulnerable to attack.

Why might organizations be willing to take on the risk of BYOD?

BYOD practices can be cheaper for organizations to implement and tend to improve efficiency and morale for employees and students.

A spoofed DNS record spreads to other DNS servers. What is this attack called?

DNS poisoning

Which type of DoS attack orchestrates an attack using uninfected computers?

DRDoS (Distributed Reflection DoS) attack

Which of these attacks is a form of Wi-Fi DoS attack?

Deauthentication attack

Give an example of biometric detection.

Fingerprints, color pattern in the iris scans

A former employee discovers six months after he starts work at a new company that his account credentials still give him access to his old company's servers. He demonstrates his access to several friends to brag about his cleverness and talk badly about the company. What kind of attack is this?

Insider threat

Leading up to the year 2000, many people expected computer systems the world over to fail when clocks turned the date to January 1, 2000. What type of threat was this?

Logic bomb

A company wants to have its employees sign a document that details some project-related information that should not be discussed outside the project's team members. What type of document should they use?

NDA

A company accidentally sends a newsletter with a mistyped website address. The address points to a website that has been spoofed by hackers in order to collect information from people who make the same typo. What kind of attack is this?

Phishing

Your organization has just approved a special budget for a network security upgrade. What procedure should you conduct in order to make recommendations for the upgrade priorities?

Posture assessment

What are the four phases in the social engineering attack cycle?

Research, Build trust, Exploit, Exit

Which form of SHA was developed by private designers?

SHA-3

Which of the following is considered a secure protocol?

SSH

What is the difference between a vulnerability and an exploit?

Vulnerability - A weakness of a system, process, or architecture that could lead to compromised information or unauthorized access to a network. Exploit - In the context of network security, the act of taking advantage of a vulnerability.

What kind of attack simulation detects vulnerabilities and attempts to exploit them?

Vulnerability scanning

A neighbor hacks into your secured wireless network on a regular basis, but you didn't give him the password. What loophole was most likely left open?

Your neighbor may have learned your SSID and password to login by logging into the router via default Admin credentials to see the password you use from the router GUI.

What unique characteristic of zero-day exploits make them so dangerous?

Zero-day exploits are particularly dangerous because the vulnerability is exploited before the software developer has the opportunity to provide a solution for it or before the user applies the published solution.

List five subtypes of DoS attacks.

amplified DRDoS attack, DDoS (distributed DoS) attack, DoS (denial-of-service) attack, DRDoS (distributed reflection DoS) attack, PDoS (permanent DoS) attack

What type of scanning might identify that Telnet is running on a server?

port scanning