Master the Art of Cybersecurity

Questions and Answers

Which of the following is NOT one of the four broad-based categories used to classify attacks and threats in an Information Security context?

• Interruption
• Modification
• Interception (correct)
• Fabrication

Which category of attacks involves the creation of illegitimate information, processes, communications, or other data within a system?

• Interception
• Fabrication (correct)
• Interruption
• Modification

Which category of attacks involves the unauthorized access and capture of information during transmission?

• Modification
• Fabrication
• Interruption
• Interception (correct)

Which category of attack primarily threatens data confidentiality?

Interception (C)

Which category of attack primarily threatens data availability?

Interruption (C)

Which category of attack primarily threatens data integrity?

Modification (D)

Which category of attack involves injecting bogus data or creating a false trail in the system?

Fabrication (A)

Which of the following is an example of an interception attack?

Unauthorized file viewing (B)

What type of attack primarily affects integrity but could also be considered an availability attack?

Fabrication attack (B)

Which attack involves generating data, processes, or communications with a system?

Fabrication attack (C)

What is the major attack discovered in studies of file sharing system security?

Theft attack (A)

Which tool can be used to monitor MAC to IP address mappings?

Arpwatch (D)

What is the purpose of Dynamic ARP Inspection (DAI)?

Prevent layer two and layer three spoofing attacks (B)

Which type of switches support Dynamic ARP Inspection (DAI)?

Cisco Catalyst 6500 switches (C)

Which of the following is NOT a type of attack discussed in the text?

Buffer overflow attack (B)

What is the term used to describe situations in which an attacker masquerades as a genuine employee and tricks a third party into divulging information?

Social engineering (C)

What type of attack involves intercepting a message and keeping a copy to obtain valuable data?

Message interception attack (B)

What type of attack involves replaying genuine traffic that has been recorded previously using sniffer software?

Message replay attack (D)

Which type of attack is characterized by manipulating peers to issue multimedia download or streaming simultaneously, causing heavy traffic and clogging an organization's network?

Bandwidth clogging attack (A)

What is the main goal of preventing unauthorized copying and online distribution of music files, as mentioned in the text?

To protect the rights of musicians and artists (A)

What is the most aggressive type of P2P-DDoS attack mentioned in the text?

DC++ attack (D)

What advantage do DDoS attacks have for adversaries, as mentioned in the text?

Both 1 and 2 (C)

Which of the following is a type of online brute-force attack?

Cracking a UNIX shadow file (B)

What is a common misconception about deploying a fully switched network to the desktop?

It prevents the ability of network users to sniff network traffic (C)

Which technique involves sending unsolicited ARP replies to a target host in order to poison its ARP cache?

ARP spoofing (C)

What is the potential consequence of an ARP-related attack known as ARP redirection?

Intercepting and decoding VoIP traffic (D)

Flashcards are hidden until you start studying