Master the Art of Cybersecurity

Questions and Answers

Which category of attacks involves creating illegitimate information within a system alongside authentic data?

• Modification
• Fabrication (correct)
• Interception
• Interruption

What is the main objective of a fabrication attack?

• To modify authentic data
• To interrupt system processes
• To gain trust (correct)
• To intercept data

Which category of attacks involves manipulating or altering data in a system?

• Interception
• Modification (correct)
• Fabrication
• Interruption

Which category of attack primarily threatens data confidentiality?

Interception (A)

What is an example of an interruption attack?

Identity spoofing (C)

Which category of attack primarily threatens data integrity?

Modification (A)

What can be used to mitigate fabrication attacks?

Digital signatures (D)

Which tool can be used to monitor MAC to IP address mappings?

Arpwatch (B)

What can happen to the switch CAM table when switches are heavily loaded during attacks?

It becomes disrupted (B)

Which functionality is designed to prevent ARP redirection attacks on Cisco Catalyst 6500 switches?

Dynamic ARP Inspection (DAI) (B)

Which of the following is an example of an interception attack?

Unauthorized file viewing or copying (C)

Which type of attack primarily affects integrity but could also be considered an availability attack?

Fabrication attack (C)

What is the major attack discovered in studies of file sharing system security?

Theft attack (A)

Which legal controversy led to the injunction and shutdown of the original Napster service?

RIAA v. Napster case (C)

Which of the following is a common offline attack method mentioned in the text?

Using joe-doe to crack a UNIX shadow file (B)

What is the purpose of ARP redirection?

To insert the attacker in the middle of a conversation (D)

Which of the following is a consequence of ARP cache poisoning?

Routing packets to /dev/null resulting in a DoS attack (B)

What is a potential implication of ARP-related attacks on VoIP traffic?

Intercepting and recording voice conversations (B)

Which of the following is NOT a type of attack discussed in the text?

Common criteria analysis (A)

What type of attack involves intercepting a message and keeping a copy of it?

Message replay attack (C)

Which type of attack involves an attacker masquerading as a genuine employee to trick a third party into divulging information?

Social engineering (D)

What type of attack is designed to deny legitimate users access to resources?

Distributed DoS (DDoS) attack (A)

Which type of attack causes heavy traffic and affects the response time and performance of normal business correspondence?

Bandwidth clogging attack (B)

Which type of attack can be categorized as an interruption attack and obstructs availability?

Denial of service (DoS) attack (B)

Which type of attack uses malware to max out a user's CPU time or crash a system by triggering errors in instructions?

CPU overload attack (A)

Which type of attack involves an attacker registering with a P2P overlay, gaining access to multiple peer devices, and launching an attack with all the zombies on a target device or service at a predetermined time?

Distributed denial of service (DDoS) attack (C)