Master the Art of Cybersecurity

Questions and Answers

Which of the following is NOT one of the four categories of cybersecurity attacks mentioned in the text?

Modification

Fabrication

Interception

Interruption (correct)

What is the purpose of a fabrication attack?

To gain trust in a compromised system

To collect data for illicit use

To create illegitimate information within a system (correct)

To reduce confidence in genuine data

Which of the following is a potential consequence of a fabrication attack?

Increased confidence in genuine data

Elimination of cybersecurity attacks

Reduced number of internet-connected devices

Decreased trust in a compromised system (correct)

Which category of cyber-attack primarily targets data confidentiality?

Interception

Which category of cyber-attack primarily targets data availability?

Interruption

Which category of cyber-attack primarily targets data integrity?

Modification

Which category of cyber-attack involves injecting bogus data or creating false trails in the system?

Fabrication

Which tool can be used to monitor MAC to IP address mappings?

Arpwatch

What is the purpose of Dynamic ARP Inspection (DAI)?

To prevent layer two and layer three spoofing attacks

Which type of switches is DAI and CIS available on?

Catalyst switches using native mode (Cisco IOS)

Which type of attack primarily affects the integrity of data but could also be considered an availability attack?

Modification attack

What is an example of an interception attack?

Unauthorized file viewing

Which attack involves generating data, processes, communications, or other similar activities with a system?

Fabrication attack

What is the major attack discovered in studies of file sharing system security?

Theft attack

Which of the following is NOT a type of attack discussed in the text?

Route protocol attack

What is the term used to describe a program that reproduces by introducing a copy of itself and infecting another computer or device without permission or knowledge of the user?

Virus

Which type of attack exploits weaknesses in a network's privacy by intercepting a message and keeping a copy of it?

Message interception attack

What is the term used to describe situations in which an attacker masquerades as a genuine employee and tricks a third party into divulging information that will allow the attacker access to the system?

Social engineering attack

Which type of attack is characterized by the manipulation of peers to issue simultaneous multimedia downloads or streaming, causing heavy traffic and network congestion?

Bandwidth clogging attack

What is the main goal of the RIAA and Barker mentioned in the text?

To prevent unauthorized copying and online distribution of music files

What is a common characteristic of DDoS attacks?

They utilize a large number of distributed or peer resources

What is the most aggressive type of P2P-DDoS attack mentioned in the text?

DC++ attack

Which of the following is a common offline attack method used to crack a UNIX shadow file?

Using joe-doe or killer-crack

What is a common consequence of ARP redirection attacks?

The attacker can insert themselves in the middle of a conversation

Which of the following is NOT a method used in ARP-based attacks?

ARP encryption

Why can any user sniff traffic on a switched network despite it being fully switched to the desktop?

ARP has no provision for authenticating queries or query replies