12.4-12.6
Which of the following describes an on-path attack?
A false server intercepts communications from a client by impersonating the intended server.
What is the main difference between a worm and a virus?
A worm can replicate itself, while a virus requires a host for distribution.
Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on the network?
ARP poisoning
Which of the following attacks can also be used to perform denial of service (DoS) attacks?
ARP spoofing
What is spoofing?
Changing or falsifying information in order to mislead or re-direct traffic.
Which of the following is a text file that a website stores on a client's hard drive to track and record information about the user?
Cookie
Which type of denial-of-service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps hostnames to IP addresses?
DNS poisoning
Which of the following is an attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial-of-service attack
On your way into the back entrance of your work building one morning, a man dressed as a plumber asks you to let him in so he can fix the restroom. What should you do?
Direct him to the front entrance and instruct him to check in with the receptionist.
You are cleaning your desk at work. You toss several stacks of paper in the trash, including a sticky note with your password written on it. Which of the following types of non-technical password attacks have you enabled?
Dumpster Diving
Which of the following are examples of social engineering attacks? (Select two.)
Dumpster diving Shoulder surfing
Dumpster diving is a low-tech way of gathering information that may be useful for gaining unauthorized access or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving?
Establish and enforce a document destruction policy.
Which of the following is a common social engineering attack?
Hoax virus information emails.
As you are helping a user with a computer problem, you notice that she has written her password on a note stuck to her computer monitor. You check your company's Password Policy and find that the following settings are currently required: Minimum password length = 10 Minimum password age = 4 Maximum password age = 30 Password history = 6 Account lockout clipping level = 3 Require complex passwords that include numbers and symbols Which of the following is the best action to take to make remembering passwords easier so that the user no longer has to write their password down?
Implement end user training.
Which of the following is the MOST effective protection against IP packet spoofing on a private network?
Ingress and egress filters
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following attack types consists of capturing packets as they travel from one host to another with the intent of altering the contents?
On-path
Match each social engineering description on the left with the appropriate attack type on the right.
Phishing -An attacker sends an email pretending to be from a trusted organization, asking users to access a website to verify personal information. Whaling - An attacker gathers personal information about the target individual, who is a CEO. Spear phishing - An attacker gathers personal information about the target individual in an organization Dumpster diving - An attacker searches through an organization's trash for sensitive information Piggybacking - An attacker enters a secure building by following an authorized employee through a secure door without providing identification Vishing - An attacker uses a telephone to convince target individuals to reveal their credit card information.
Your network administrator is configuring settings so the switch shuts down a port when the max number of MAC addresses is reached. What is the network administrator taking countermeasures against?
Sniffing
What is the definition of any attack involving human interaction of some kind?
Social engineering
A router on the border of your network detects a packet with a source address from an internal client, but the packet was received on the internet-facing interface. Which attack form is this an example of?
Spoofing
Which type of activity changes or falsifies information in order to mislead or re-direct traffic?
Spoofing
While browsing the internet, you notice that the browser displays ads linked to recent keyword searches you performed. Which attack type is this an example of?
Spoofing
What should you try first if your antivirus software does not detect and remove a virus?
Update your virus detection software.
Using sniffers has become one way for an attacker to view and gather network traffic. If an attacker overcomes your defenses and obtains network traffic, which of the following is the BEST countermeasure for securing the captured network traffic?
Use encryption for all sensitive traffic.
You have just received a generic-looking email that is addressed as coming from the administrator of your company. The email says that as part of a system upgrade, you need to enter your username and password in a new website so you can manage your email and spam using the new service. What should you do?
Verify that the email was sent by the administrator and that this new service is legitimate.
A senior executive reports that she received a suspicious email concerning a sensitive internal project that is behind production. The email was sent from someone she doesn't know, and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of attack BEST describes the scenario?
Whaling
While browsing the internet, you notice that the browser displays ads linked to recent keyword searches you performed. Which attack type is this an example of?
Adware
Which of the following BEST describes the key difference between DoS and DDoS?
Attackers use numerous computers and connections
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. Which type of social engineering is this individual engaging in?
Authority
What is the primary countermeasure to social engineering?
Awareness
You are using a password attack that tests every possible keystroke for each single key in a password until the correct one is found. Which of the following technical password attacks are you using?
Brute force attack
