Network Vulnerabilities and Attacks

Questions and Answers

PDF Questions PDF Answers

What is a back door in software typically created for?

To increase security measures

To allow unauthorized access (correct)

To improve user interface

To enhance device performance

What does privilege escalation allow an attacker to do?

Improve system security protocols

Increase network bandwidth

Access public data only

Gain unauthorized access to restricted resources (correct)

Which of the following is NOT a type of denial of service (DoS) attack?

SYN flood

Ping flood attack

Smurf attack

DNS poisoning (correct)

What category does a man-in-the-middle attack belong to?

Interception

Which of the following describes a SYN flood attack?

It sends a large volume of TCP SYN packets to overwhelm a server.

What is the primary characteristic of a Distributed Denial of Service (DDoS) attack?

It floods a device with requests from multiple compromised computers.

What type of attack uses the ping utility to send numerous echo request messages?

Ping flood attack

In a SYN flood attack, what is exploited during the connection establishment process?

TCP/IP 3-way handshake

What is a key feature of the Smurf attack?

It involves spoofing the target's IP address.

Which type of attack records transmitted data without altering it?

Passive man-in-the-middle attack

What is the result of a replay attack?

The attacker captures and reuses previously valid transmission.

How does a SYN flood attack affect a target device?

It prevents legitimate users from establishing connections due to resource exhaustion.

What is a result of using zombie computers in DDoS attacks?

Widespread and uncontrollable traffic to the target.

What is the main difference between active and passive attacks in the context of interception?

Active attacks change the contents of communications while passive attacks do not.

What makes identifying and blocking the source of a DDoS attack extremely challenging?

The multitude of compromised devices utilized in the attack.

What does ARP poisoning primarily alter in a network?

The MAC address stored in the ARP cache.

Which of the following is NOT a method to prevent DNS poisoning?

Implementing stronger password policies.

What is the main purpose of the Address Resolution Protocol (ARP)?

To map IP addresses to MAC addresses.

What is a likely consequence of successfully executing an ARP poisoning attack?

Interception of data meant for another device.

Which location is NOT typically involved in DNS poisoning?

Firewall settings.

What type of attack can result from ARP poisoning?

Man-in-the-middle attack.

Which of these commonly exploited vulnerabilities can lead to privilege escalation in a network?

Outdated software packages.

What is a primary indication of DNS poisoning?

Redirection to unintended web pages.

In the context of network security, what does a Denial of Service (DoS) attack aim to achieve?

Make network resources unavailable to users.

What is one effective strategy to mitigate DNS poisoning?

Regularly update DNS software with security patches.

What is a default account in a network device context?

An account created automatically by the device for setup

Which of the following accurately describes a backdoor in a network device?

An unauthorized method of remote access to a device

What is a common target for attackers in a network device?

Default accounts left active after setup

Privilege escalation in networking refers to what?

Gaining unauthorized control of user permissions

Which method can NOT be used to create a backdoor on a network device?

Manual creation by the manufacturer

What is a significant risk of keeping default accounts active on network devices?

Vulnerability to unauthorized access

Which of the following best describes the purpose of a default account?

To facilitate initial setup of the device

What could be a major consequence of privilege escalation in a network?

Unauthorized access to sensitive information

Study Notes

Network Vulnerabilities

• Default accounts are created automatically by the device
• They are often used for initial setup and installation, but should be deleted after
• Back doors are accounts created secretly without administrator knowledge, allowing for remote access
• They can be created by infection or by a software programmer
• Privilege escalation exploits a vulnerability in a software to gain access to restricted resources

Network Attacks

• Denial of service (DoS) attacks consume network resources to prevent legitimate requests from being processed
• Interception includes man-in-the-middle that intercepts communication and forges a response, and replay attacks that capture and reuse a transmission
• Poisoning attacks alter lookup tables to redirect traffic, including ARP poisoning, which changes MAC address entries
• DNS poisoning alters DNS addresses to redirect computers to a different device

Denial of Service Attacks

• Ping flood, Smurf, and SYN flood are all DoS attack methods
• Ping flood attacks use ping utilty to send a large number of echo requests
• Smurf attacks send pings with a spoofed originating address to overwhelm targets
• SYN flood attacks exploit the TCP/IP 3-way handshake to prevent a connection

Distributed Denial of Service Attacks

• DDoS attacks utilize botnets to flood a device with requests
• They are difficult to block because of the vast number of sources

Interception Attacks

• Man-in-the-middle attacks can be active or passive, with passive recording data and active altering content
• Replay attacks capture transmissions and reuse them later

Poisoning Attacks

• ARP attacks alter the ARP table, allowing the attacker to intercept communication
• DNS poisoning can be used to redirect hosts to a rogue server
• DNS poisoning can be prevented by using the latest versions of BIND software

Description

This quiz covers essential concepts related to network vulnerabilities and various types of attacks, including denial of service and interception techniques. Understand the significance of default accounts, back doors, and privilege escalation. Test your knowledge on poisoning attacks and typical strategies like ping flood and SYN flood.