SecFND challenge Q's
BGP
routing protocol that is used between the major ISPs?
Only the signer has sole possession of the private key.
What is the reason that a digital signature can be used to provide the authenticity of digitally signed data?
three-way handshake
What phases of the TCP communication process is attacked during a TCP SYN flood attack?
SQL slammer and UDP flooding
What two are examples of UDP-based attacks?
DoS and MITM
What two attacks are initiated by a rogue DHCP server?
1. memory that is left behind from active log-on sessions 2. relevant authentication databases
What two describe how attackers obtain access to password hashes?
smurf and ping of death attack
What two types of attacks are examples of ICMP DoS attacks?
session hijacking
What type of IP attack occurs when an attacker inserts itself into a communication session and then takes over the session?
role-based access control
What type of access control model is used to set up multiple accounts with different access levels on a system?
reflection attack
What type of attack occurs when an attacker sends a flood of protocol request packets to various IP hosts and the attacker spoofs the source IP address of the packets, such that each packet has the IP address of the intended target rather than the IP address of the attacker as its source address?
4 bytes
When using the 802.1Q frame tagging protocol, how much additional overhead does the protocol add to the frame structure?
increase the data privacy by encrypting it
Which activity can be used to ensure data confidentiality?
uses DNS servers to resolve many different IP addresses over short span of time
Which best describes a fast flux service network?
by using multiple DNS open resolvers to send DNS response messages to the target device
Which best describes how a DNS amplification and reflection attack is implemented?
hash cryptography
Which form of cryptography is used to protect passwords? asymmetric cryptography
VLANs separate a large broadcast domain into smaller broadcast domains.
Which one of the following best describes how VLANs improve network performance?
more efficient use of IP addresses aand better-defined network hierarchical levels
two options of using VLSM when subnetting a block of IP addresses?
Smurf
A ping attack that exploits the broadcast IP address in a subnet is referred to as what type of attack?
The client will receive the same public key that it had stored for the server.
If a client connected to a server using SSHv1 previously, how should the client be able to authenticate the server?
It will forward the frame out of the identified port in the table and filter transmission to all other ports.
If a switch receives a frame for an endpoint whose MAC address exists in the MAC address table, how does it process the traffic?
The device is running a Linux operating system.
If an attacker sends a UDP message with the DF (Do Not Fragment) bit set to a target host and gets a response with the ToS byte set to 0xCO, what information could the attacker have obtained?
the CA administrator contacts the certificate applicant to verify that their enrollment data before the request can be approved.
PKI operation that would likely cause out-of-band communication over the phone?
acts as a "middle man" to forward DHCP requests to a designated remote DHCP server
The role of the DHCP relay agent in a network infrastructure?
reduce an organization's security risk and protect the privacy of individuals in an organization
What are two goals of compliance regulations?
attempts to consume all of a critical computer or network resource in order to make it unavailable for valid use
What best describes a DoS attack?
A small forged packet elicits a large reply from the reflectors.
What best describes an amplification attack?
the sum of the different points ("attack vectors") in a given computing device or network that are accessible to an unauthorized user ("attacker")
What best describes an attack surface?
a path, method, or route by which an attack was carried out
What best describes an attack vector?
use encryption between sending and receiving parties
What is a countermeasure that an organization can employ to improve the confidentiality of data that is transmitted by users and devices?
A digital certificate certifies the ownership of the public key of the named subject of the certificate.
What is a digital certificate used to certify about an entity?
amplification attack
What type of attack occurs when the attacker spoofs the IP address of the victim, sending a continuous stream of small requests, which produce a continuous stream of much larger replies that are to be sent to the victim's IP address?
risk severity
What type of information does CVSS provide for a vulnerability?
IP spoofing
What type of spoofing attack uses fake source IP addresses that are different than their real IP addresses?
to supply the TFTO server IP address for image download
When using DHCP with IP phones, what is option 150 used for?
a reference point, the logical center
Which one of the following options best describes the function of the root bridge in a spanning tree protocol?
Reply packets that belong to an established TCP connection will be permitted if the TCP packet has the ACK or RST bit set.
Which one of the following options does the established keyword in an ACL entry indicate?
specialized ASIC hardware
Which one of the following options is most used by multilayer switches to allow for wire-speed switching?
DH group
Which one of the following options was used by Diffie-Hellman to determine the strength of the key that is used in the key agreement process?
An LWAP is part of a unified wireless access system where a centralized wireless LAN controller manages the administrative functions of network access.
Which one of the following statements best describes a lightweight access point (LWAP)?
It inserts a 4-byte header after the source MAC address in the original Ethernet frame, which carries the VLAN information.
Which one of the following statements best describes how 802.1q incorporates VLAN information onto an Ethernet frame?
A default route is an optional entry that is used when no explicit path to a destination is found in the routing table.
Which one of the following statements best describes the purpose of a default route?
AES_128_CBC
Which part of the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384 cipher suite is used to specify the bulk encryption algorithm?
UDP checksum
Which part of the UDP header would attackers replace if they change the data payload to prevent the receiver from identifying the change?
traceroute
Which protocol or diagnostic tool helps you determine how many hops away a network is and can be exploited by an attacker?
1. Malvertisement's malicious code may only infect during specific times. 2. Malvertisements affect both trustworthy and untrustworthy sites.
Which two are true about malvertisements?
1. the attacker's computer speed 2. the length and complexity of the password
Which two determine the speed at which a password can be cracked using the brute-force method?
1. The attacker does not know the actual password. 2. The attacker has control over the victim's machine.
Which two statements are true regarding an attacker who is performing a "pass-the-hash" attack?
If the server's private key is later compromised, all the prior TLS handshakes that are done using the cipher suite cannot be compromised.
Why is using ECDHE_ECDSA stronger than using RSA?
birthday attack
attack that can be used to find collisions in a cryptographic hash function?
It will flood the frame out all ports, except the one that it arrived on within the VLAN
how does a switch process traffic it does not have MAC address of an endpoint in MAC address table?