Castle.eiu.edu



Review Questions

Student Name: _______________________________________

Target Attacks

1. Which of the following attacks can be mitigated by implementing the following ingress/egress traffic filtering rules?

■ Any packet coming into the network must not have a source address of the internal network.

■ Any packet coming into the network must have a destination address from the internal network.

■ Any packet leaving the network must have a source address from the internal network.

■ Any packet leaving the network must not have a destination address from the internal networks.

■ Any packet coming into the network or leaving the network must not have a source or destination address of a private address or an address listed in RFC 1918 reserved space.

a) SYN (Synchronize) flooding

b) Spoofing

c) DoS (Denial of Service) attacks

d) Dictionary attacks

2. Which of the following attacks exploits the session initiation between the Transmission Control Protocol (TCP) client and server in a network?

a) Buffer Overflow

b) SYN flood Attack

c) Smurf

d) Birthday Attack

3. Which of the following attacks uses an improperly formatted Maximum Transmission Unit to crash a target computer?

a) Man in the middle attack

b) Smurf attack

c) Ping of death attack

d) TCP SYN (Transmission Control Protocol / Synchronized) attack

4. Which of the following determines which operating system is installed on a system by analyzing its response to certain network traffic?

a) OS (Operating System) scanning.

b) Reverse engineering.

c) Fingerprinting

d) Host hijacking.

5. Which of the following is a DoS (Denial of Service) attack that exploits TCP's (Transmission Control Protocol) three-way handshake for new connections?

a) SYN (Synchronize) flood.

b) Ping of death attack.

c) Land attack.

d) Buffer overflow attack.

6. In which of the following attacks does the attacker pretend to be a legitimate user?

a) Aliasing

b) Spoofing

c) Flooding

d) Redirecting

7. In an IP (Internet Protocol) spoofing attack, what field of an IP (Internet Protocol) packet does the attacker manipulate? (Choose all that apply)

a) The Version field.

b) The Source address field.

c) The source port field.

d) The destination address field.

8. What is the process of forging the TCP port number to impersonate another machine called?

a) TCP/IP (Transmission Control Protocol/Internet Protocol) hijacking

b) IP (Internet Protocol) spoofing

c) Man in the middle

d) None of the above

9. You are the security administrator at . You detect intruders accessing your internal network. The source IP (Internet Protocol) addresses originate from trusted networks. What type of attack are you experiencing?

a) Social engineering

b) TCP/IP (Transmission Control Protocol/Internet Protocol) hijacking

c) Smurfing

d) Spoofing

10. What is an attack in which the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so it seems to have originated at the victim's system, in order to flood it with REPLY packets called?

a) SYN flood attack

b) Smurf attack

c) Ping of Death Attack

d) Denial of Service (DOS) Attack

NOTE: THE FOLLOWING EXERCISE IS PART OF THE EXAM REVIEW MATERIAL

Exercise 1: Hacking email and other login accounts

With physical access, a hacker may install a keylogger (or keystroke-capturing) tool on a target computer. He may also copy the target computer’s password file and break it later. Remotely, the hacker can deceive a user into downloading some kind of Trojan horse that has client and server components.

1) Based on the tool(s) you have used in a previous lab, explain (in general terms) the process of copying a computer’s password file and breaking it to reveal the passwords.

2) Explain how a user can be deceived into downloading the server component of a Trojan horse on his/her computer.

3) Based on your experience with one of the tools you have used in a previous lab, explain (in general terms) the process of remotely connecting to a target computer and “listening” or recording the keystrokes, which may include login credentials.
