Types of Cyber Attacks Lecture Two

Questions and Answers

What precaution can be taken against a Brute Force Attack?

Using simple passwords

Enabling Two-Factor-Authentication (2FA) (correct)

Disabling CAPTCHA during login

Increasing the number of login attempts

Which type of DoS attack involves flooding the target with traffic to make it unavailable to users?

SYNC Flood Attack (correct)

Network segmentation

Ping of Death

Smurf Attack

In what way does Load Balancing help prevent DoS attacks?

Encouraging multiple submission of connection requests

Overloading a single server

Limiting the impact of a DoS attack (correct)

Disabling network segmentation

What is the purpose of using complex alphanumeric passwords?

To enhance password security

Which DoS attack involves sending ICMP echo requests larger than 65536 bytes?

Ping of Death

How does the Smurf Attack overwhelm networks and servers?

By causing buffer overflow with ICMP requests

What is the main aim of a Denial of Service (DoS) attack?

To shut down a machine or network

What is the recommended action if facing a SYNC Flood Attack?

Disconnect the server from the network.

Network segmentation is used to:

Limit the impact of DoS attacks by keeping them isolated.

What is the main target of Whaling (CEO Fraud) attacks?

High-profile employees, such as the CEO or CFO

Define Pharming and how it works in cyber attacks.

Pharming is when the attacker redirects the victim to a fraudulent site to trick them into divulging credentials.

What are some preventive measures against Phishing attacks?

Check website authenticity, avoid random sites/pop-ups, use anti-phishing browser extensions, use organization-approved applications, train employees, update software/firmware.

Explain Brute Force attacks and how they work.

Brute Force involves trying multiple combinations of alphanumeric strings to discover passwords or encryption keys through trial and error.

What is the key factor in determining how long a Brute Force attack can take?

The length and complexity of the password.

What is the process involved in Brute Forcing a system?

Choose a tool that can generate different credential and key combinations to crack the password or encryption key.

Why can even the most secured systems be vulnerable to Brute Force attacks?

Because Brute Force attacks rely on trial and error without needing prior victim knowledge.

How can organizations enhance their defense against Brute Force attacks?

By ensuring employees use strong, complex passwords and keeping software and firmware up-to-date.

What type of employees are most targeted in Whaling attacks?

High-ranking executives like the CEO or CFO.

What is the significance of using anti-phishing browser extensions?

They help in identifying illegitimate websites from legitimate ones, reducing the risk of falling for phishing scams.