12 Cards in this Set

Which one of the following is defined as the process of distributing incorrect Internet Protocol (IP)
addresses/names with the intent of diverting traffic?
A. Network aliasing
B. Domain Name Server (DNS) poisoning
C. Reverse Address Resolution Protocol (ARP)
D. Port scanning
Answer: B
Which of the following identifies the first phase of a Distributed Denial of Service attack?
A. Establishing communications between the handler and agent.
B. Disrupting the normal traffic to the host.
C. Disabling the router so it cannot filter traffic.
D. Compromising as many machines as possible.
Answer: D
Why are packet filtering routers NOT effective against mail bomb attacks?
A. The bomb code is obscured by the message encoding algorithm.
B. Mail bombs are polymorphic and present no consistent signature to filter on.
C. Filters do not examine the data portion of a packet.
D. The bomb code is hidden in the header and appears as a normal routing information.
Answer: C
Which one of the following correctly identifies the components of a Distributed Denial of Service Attack?
A. Node, server, hacker, destination
B. Client, handler, agent, target
C. Source, destination, client, server
D. Attacker, proxy, handler, agent
Answer: B
Another form of DoS. A distributed denial of service occurs when the attacker compromises
several systems to be used as launching platforms against one or more victims. The
compromised systems used in the attacks are often called slaves or zombies.
Which one of the following attacks will pass through a network layer intrusion detection system undetected?
A. A teardrop attack
B. A SYN flood attack
C. A DNS spoofing attack
D. A test.cgi attack
Answer: D
What is an attack called where the attacker spoofs the source IP address in an ICMP
ECHO broadcast packet so it seems to have originated at the victim's system, in order to
flood it with REPLY packets?
A. SYN flood attack
B. Smurf attack
C. Ping of Death attack
D. Denial of Service (DoS) attack
Answer: B
What attack is primarily based on the fragmentation implementation of IP and large
ICMP packet size?
A. Exhaustive
B. Brute force
C. Ping of Death
D. Spoofing
Answer: C
Explanation:
Ping of Death -- This exploit is based on the fragmentation implementation of IP
whereby large packets are reassembled and can cause machines to crash. 'Ping of Death
Land attack attacks a target by:
A. Producing large volume of ICMP echos.
B. Producing fragmented IP packets.
C. Attacking an established TCP connection.
D. None of the choices.
Answer: C
Explanation:
Land.c. attack -- Attacks an established TCP connection.
What attack is primarily based on the fragmentation implementation of IP?
A. Teardrop
B. Exhaustive
C. Spoofing
D. Brute force
Answer: A
Explanation:
Teardrop attack -- This is based on the fragmentation implementation of IP whereby
reassembly problems can cause machines to crash.
A stack overflow attack that "crashes" a Transmission Control Protocol/Internet Protocol (TCP/IP) service
daemon can result in a serious security breach because the
A. Process does not implement proper object reuse.
B. Process is executed by a privileged entity.
C. Network interface becomes promiscuous.
D. Daemon can be replaced by a trojan horse
Answer: B
A. Communication based on random challenge.
B. Communication based on face to face contact.
C. Communication based on token.
D. Communication based on asymmetric encryption.
Answer: D
Which one of the following is concerned with masking the frequency, length, and
origin-destination patterns of the communications between protocol entities?
A. Masking analysis
B. Protocol analysis
C. Traffic analysis
D. Pattern analysis
Answer: C