DNS Cache Poisoning Attack

Questions and Answers

What is the primary goal of maintaining data integrity?

• Implementing encryption
• Ensuring data availability
• Protecting stored data from modification or destruction (correct)
• Preventing unauthorized access

What is the main threat to data integrity?

• Code injection and SQL injection (correct)
• Un authorized access
• Lack of encryption
• Viruses and worms

What is the primary concern of the availability component in the AIC triad?

• Ensuring easy access to information by authorized users (correct)
• Protecting data from unauthorized access
• Detecting cyber-attacks in real-time
• Maintaining data consistency and accuracy

What is the main purpose of using firewalls and proxy servers in a system?

To prevent data loss and ensure availability (D)

Which component of the AIC triad refers to privacy?

Confidentiality (C)

How can physical access be secured to maintain data integrity?

By granting access only to network administrators and system administrators (C)

Which type of cyber-attack involves an attacker controlling many computers to send false traffic requests?

Distributed Denial of Service (DDoS) attack (B)

What is an effective way to prevent cyber-attacks on a system?

Performing regular hardware repairs and using security software (D)

What is the term used to describe the guarantee of easy access to information by authorized users whenever they want?

Availability (D)

What is essential to have in place in case of a virus attack or server failure?

A recovery plan (A)

What are the three crucial components of security known as?

All of the above (D)

What is the main goal of upgrading and updating a system to protect data loss?

To ensure availability of data (A)

What is the primary goal of an attacker in a DNS cache poisoning attack using ID spoofing method?

To fully control the conversation between the user and DNS servers (C)

Which of the following is a consequence of using an insecure protocol like HTTP?

Sensitive information is exchanged in plain text (A)

What is the term used to describe the theft of session cookies in a session hijacking attack?

HTTP cookie theft (B)

What is the purpose of a network analyzer in a DNS spoofing attack?

To view traffic flow in between the user and DNS server (C)

Which of the following is a security measure to protect against DNS spoofing attacks?

Using secure protocols like HTTPS (A)

What is the primary goal of an attacker in a session hijacking attack?

To misuse existing connection or session between two network devices (A)

What is the main goal of an attacker in a DNS spoofing attack?

To steal sensitive information from the user (D)

What is the result of a successful DNS spoofing attack?

The user's identity is misused by the attacker (D)

What is the role of packet analyzers in DNS spoofing attacks?

To assist the attacker in performing DNS spoofing attacks (D)

How does an attacker steal a DNS ID number in a DNS spoofing attack?

Through an ARP spoofing attack (B)

What is the effect of cache poisoning in a DNS spoofing attack?

The cache remains poisoned until it is updated or deleted (C)

What is the main purpose of DNS spoofing attacks?

To steal sensitive information from the user (D)

What is one of the significant threats to confidentiality?

Network analyzers used by hackers (D)

What is the main goal of data encryption?

To protect user IDs, passwords, and credit card information (D)

What are the three basic principles of network connectivity that can be compromised by network attacks?

Confidentiality, integrity, and availability (A)

What can be used to protect users from social engineering thefts?

Pre-information and training (D)

What is one of the risks associated with connecting to a network?

Digital theft (D)

What can be sent in clear text by many network applications and protocols?

Packets (B)