Security + Flashcards - 1.4
Which of the following does NOT provide encryption and is, therefore, vulnerable to eavesdropping and Man-in-the-Middle attacks?
NFC (Near Field Communications) : NFC (Near Field Communications) does not provide encryption, so eavesdropping and Man-in-the-Middle attacks are possible if the attacker can find some way of intercepting the communication and other software services are not encrypting the data.
A low level distributed denial of service (DDoS) attack that involves SYN or SYN/ACK flooding describes what type of attack?
Network : A network attack aims at consuming network bandwidth and denying it to legitimate hosts. For example, a SYN flood attack works by withholding the client's ACK packet during TCP's three-way handshake.
Wi-Fi Protected Access 2 (WPA2) improves the security of the WPA standard by using the Advanced Encryption Standard (AES) cipher with 128-bit keys, deployed within the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). This type of protection makes a wireless access point NOT vulnerable to which of the following attacks when related to encrypted wireless packets?
Initialization Vector (IV) attacks : An Initialization Vector attack modifies the IV of an encrypted wireless packet during transmission to compute the RC4 keystream to decrypt all other wireless traffic. This attack becomes useless when WPA or WPA2 wireless protection is enabled.
Which of the following can perform a Denial of Service (DoS) attack against a wireless network? (Select all that apply.)
1. A deauthentication attack : A deauthentication attack sends a stream of spoofed frames to cause a client to deauthenticate. This is a type of DoS attack on wireless networks.
2. A disassociation attack : A disassociation attack uses disassociation packets to remove a known wireless access point (WAP) from a client's list of available networks. This is a type of DoS on wireless networks.
Which of the following defeats a jamming attack and prevents disruption of a wireless network when a hacker uses an illegal access point (AP) with a very strong signal in close proximity? (Select all that apply.)
1. Boost the signal of the legitimate equipment. : Interference can disrupt a wireless network from other radio sources. One way to defeat a jamming attack is to boost the signal of the legitimate equipment.
2. Locate the offending radio source and disable it. : Interference can disrupt a wireless network from other radio sources. One way to defeat a jamming attack is to locate the offending radio source and disable it.
External hackers have some access to a company's website and made some changes. Customers have submitted multiple complaints via email for wrong orders and inappropriate images on the website. The Chief Information Officer (CIO) is now worried about the distribution of malware. The company should prepare for which of the following other issues or concerns? (Select all that apply.)
1. Domain reputation : Domain reputation refers to the beliefs or opinions of the public. If the company does not quickly resolve their website issues, they may lose their current and even future customers, destroying the website's credibility.
2. URL redirections : URL redirection refers to redirecting users to other web pages. This is true for links on the website that the attacker may modify, which point to fake or malicious web pages.
An attacker used an illegal access point (AP) with a very strong signal near a wireless network. If the attacker performed a jamming attack, which of the following would prevent this type of network disruption? (Select all that apply.)
1. Locate the offending radio source and disable it. : Interference can disrupt a wireless network from other radio sources. One way to defeat a jamming attack is to locate the offending radio source and disable it.
2. Boost the signal of the legitimate equipment. : Interference can disrupt a wireless network from other radio sources. One way to defeat a jamming attack is to boost the signal of the legitimate equipment.
A social engineer convinced a victim to visit a malicious website, which allowed the attacker to exploit vulnerabilities on the victim's web browser. Which of the following best describes this type of attack?
A Man-in-the-Browser (MitB) attack : A MitB attack occurs when the attacker compromises the web browser by installing malicious plug-ins, scripts, or intercepting API calls. Attackers can install vulnerability exploit kits on a website and will actively try to exploit vulnerabilities in clients browsing the site.
A security analyst's scans and network logs show that unauthorized devices are connecting to the network. After tracing this down, the analyst discovered a tethered smartphone creating a backdoor to gain access to the network. Which of the following describes this device?
A rogue Access Point (AP) : If scans or network logs show that unauthorized devices are connecting, determine whether the problem is an access point with misconfigured or weak security or whether there is some sort of rogue AP.
A company's computer has a mobile device tethered to it, which creates a remote backdoor into the network. What does this device become?
A rogue access point (AP) : If scans or network logs show that unauthorized devices are connecting, determine whether the problem is an access point with misconfigured or weak security or whether there is some sort of rogue AP.
A malicious user sniffed credentials exchanged between two computers by intercepting communications between them. What type of attack did the attacker execute?
An On-path attack : An On-path attack is a form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
An attacker is preparing to perform what type of attack when the target vulnerabilities include headers and payloads of specific application protocols?
Application attack : An application attack targets vulnerabilities in the headers and payloads of specific application protocols. For example, one type of amplification attack targets DNS services with bogus queries.
An attacker used an exploit to steal information from a mobile device, which allowed the attacker to circumvent the authentication process. The mobile device is vulnerable to which of the following attacks?
Bluesnarfing : Bluesnarfing refers to using an exploit in Bluetooth to steal information from someone else's phone. The exploit (now patched) allows attackers to circumvent the authentication mechanism.
A malicious actor is preparing a script to run with an Excel spreadsheet as soon as the target opens the file. The script includes a few macros designed to secretly gather and send information to a remote server. How is the malicious actor accomplishing this task?
By using VBA code : Visual Basic for Applications (VBA) is a scripting language for Microsoft Office that uses macros to perform a sequence of actions in the context of a word processor, spreadsheet, or presentation file.
A hacker corrupted the name:IP records held on the HOSTS file on a server to divert traffic for a legitimate domain to a malicious IP address. What type of attack did the hacker perform?
Domain Name System (DNS) server cache poisoning : DNS Server Cache poisoning is a redirection attack that aims to corrupt the records held by the DNS server itself. The intention is to redirect traffic for a legitimate domain to a malicious IP address.
By modifying query traffic, an attacker compromised a legitimate site's web server via a Denial of Service (DoS) attack and redirected traffic intended for the legitimate domain to the attacker's malicious IP address instead. What type of attack did the hacker perform?
Domain Name System (DNS) server cache poisoning : DNS Server Cache poisoning is a redirection attack that aims to corrupt the records held by the DNS server itself. The intention is to redirect traffic for a legitimate domain to a malicious IP address.
An attacker stole a website name by gaining control of and altering its registration information. The attacker then changed the IP address associated with the site to the IP of a web server the attacker owned. What is this exploit of the website registration process known as?
Domain hijacking : Domain hijacking is a type of hijacking attack where the attacker steals a domain name by altering its registration information and then transferring the domain name to another entity. Brandjacking is another term for domain hijacking.
Which of the following attacks do security professionals expose themselves to if they turn the power output down on a wireless access point (AP)?
Evil twin attacks : Security professionals expose themselves to "evil twin" attacks, as users may expect to find the network at a given location and assume that the rogue AP is legitimate.
Wi-Fi Protected Access (WPA) fixes critical vulnerabilities in the earlier Wired Equivalent Privacy (WEP) standard. Given that WPA uses a combination of an RC4 stream cipher and Temporal Key Integrity Protocol (TKIP), this makes a wireless access point NOT vulnerable to which of the following attacks when related to encrypted wireless packets?
IV attacks : An Initialization Vector (IV) attack modifies the IV of an encrypted wireless packet during transmission to compute the RC4 keystream to decrypt all other wireless traffic. This attack becomes useless when WPA or WPA2 wireless protection is enabled.
A security engineer examined some suspicious error logs on a Windows server that showed attempts to run shellcode against a web application. The shellcode showed multiple lines beginning with Invoke-Command. What type of script is the suspicious code trying to run?
PowerShell script : PowerShell is the preferred method of performing Windows administration tasks. Common PowerShell cmdlets include Invoke-Expression, Invoke-Command, Invoke-WMIMethod, New-Service, etc.
A Linux systems admin reported a suspicious .py file that ran on a daily schedule after business hours. The file included shellcode that would automate Application Programming Interface (API) calls to a web application to get information. What type of script is this shellcode most likely running?
Python script : Python is a popular language for development projects. Code with multiple logic and looping statements found in a .py file can indicate a Python scripting attempt.