Master the Art of Cybersecurity

Questions and Answers

Which of the following is NOT one of the four categories of cybersecurity attacks mentioned in the text?

• Modification
• Fabrication
• Interception
• Interruption (correct)

What is the purpose of a fabrication attack?

• To gain trust in a compromised system
• To collect data for illicit use
• To create illegitimate information within a system (correct)
• To reduce confidence in genuine data

Which of the following is a potential consequence of a fabrication attack?

• Increased confidence in genuine data
• Elimination of cybersecurity attacks
• Reduced number of internet-connected devices
• Decreased trust in a compromised system (correct)

Which category of cyber-attack primarily targets data confidentiality?

Interception (D)

Which category of cyber-attack primarily targets data availability?

Interruption (D)

Which category of cyber-attack primarily targets data integrity?

Modification (C)

Which category of cyber-attack involves injecting bogus data or creating false trails in the system?

Fabrication (B)

Which tool can be used to monitor MAC to IP address mappings?

Arpwatch (A)

What is the purpose of Dynamic ARP Inspection (DAI)?

To prevent layer two and layer three spoofing attacks (A)

Which type of switches is DAI and CIS available on?

Catalyst switches using native mode (Cisco IOS) (A)

Which type of attack primarily affects the integrity of data but could also be considered an availability attack?

Modification attack (C)

What is an example of an interception attack?

Unauthorized file viewing (D)

Which attack involves generating data, processes, communications, or other similar activities with a system?

Fabrication attack (B)

What is the major attack discovered in studies of file sharing system security?

Theft attack (B)

Which of the following is NOT a type of attack discussed in the text?

Route protocol attack (A)

What is the term used to describe a program that reproduces by introducing a copy of itself and infecting another computer or device without permission or knowledge of the user?

Virus (A)

Which type of attack exploits weaknesses in a network's privacy by intercepting a message and keeping a copy of it?

Message interception attack (C)

What is the term used to describe situations in which an attacker masquerades as a genuine employee and tricks a third party into divulging information that will allow the attacker access to the system?

Social engineering attack (A)

Which type of attack is characterized by the manipulation of peers to issue simultaneous multimedia downloads or streaming, causing heavy traffic and network congestion?

Bandwidth clogging attack (C)

What is the main goal of the RIAA and Barker mentioned in the text?

To prevent unauthorized copying and online distribution of music files (C)

What is a common characteristic of DDoS attacks?

They utilize a large number of distributed or peer resources (A)

What is the most aggressive type of P2P-DDoS attack mentioned in the text?

DC++ attack (B)

Which of the following is a common offline attack method used to crack a UNIX shadow file?

Using joe-doe or killer-crack (C)

What is a common consequence of ARP redirection attacks?

The attacker can insert themselves in the middle of a conversation (D)

Which of the following is NOT a method used in ARP-based attacks?

ARP encryption (D)

Why can any user sniff traffic on a switched network despite it being fully switched to the desktop?

ARP has no provision for authenticating queries or query replies (D)