SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Attacks
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Counters:Best: Proper programming with Input value bounds checking. Keep systems current: Patching - hot fixes - etc.
Buffer Overflow
Phishing
Hijacking Tools
Tribal Flood Network (TFN) & TFN2K
2. Type: DoS - How: Attacker sends your packets to a non-existent address - How: One way is special type of ARP poisioning.
Stack Overflow
Download and Execute
Black Hole
Network Address Hijacking
3. Counters: A firewall can be used to detect the outgoing connections made by connect-back shellcodes and the attempt to accept incoming connections made by bindshells. They can therefore offer some protection against an attacker - even if the system i
Pharming
Trinoo
Remote Code
TDL-4 Bot-Net #2
4. Counter: Non-public #s - Tight AC for modems / pools
Bluetooth BackDoor Attack
Hijacking Tools
Buffer Overflow
Wardialing
5. 'Pairing' establishes trust relationship - Access to All Data on device
Land
Bluetooth BackDoor Attack
Network Address Hijacking
ARP Table Poisioning
6. TDL-4's makers created their own encryption algorithm - Kaspersky's Golovanov said in his analysis - and the botnet uses the domain names of the C&C servers as the encryption keys.
Caller ID Spoofing
Bluetooth Malicious Threats
Botnet Names
TDL-4 Bot-Net #2
7. Allows skilled individuals to access phone Commands using Bluetooth wireless technology without notifying or alerting the phone's user. - Why: This vulnerability allows the hacker to initiate phone calls - send and read SMS - read and write phoneboo
Time of Use/Time of Check Attack
Bluejacking
Bluebugging
Hijacking Tools
8. Zeus - Mariposa - Storm
Heap Overflow
Trinoo
Botnet Names
ARP Table Poisioning
9. aka ARP Flooding - poisioning
ARP Spoof
Port Scanning
Bluetooth DoS (1 or more attackers)
Ping of Death
10. Type: Worm. How: Self replicating usually Rapid over net or other means.
TDL-4 Bot-Net
Hijacking Tools
Bluejacking
Worms
11. Type: Fun or Snoop Info - How: Attacker sends unsolicited message to Bluetooth enabled device. e.g. insert contact into address book. Why: May Enable future attacks on the device via emails - Recipent reaction or get data w/o your knowledge while con
Bluejacking
Network Address Hijacking
TDL-4 Bot-Net #3
Web Spoofing Attack
12. AKA: Asynchronous attack - How: Takes advantage of dependency of event timing in a multitasking OS - How: Attacker gets between instructions and manipulates something. Goal is Control the result.
TDL-4 Bot-Net #2
Ping of Death
Time of Use/Time of Check Attack
Bluebugging
13. Overwhelm mail server & Clients
Ping of Death
Remote Code
Trinoo
Mail bombing
14. In computer security - a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called 'shellcode' because it typically starts a command shell from which the attacker can control the compromised
Shellcode
ARP Spoof
Hijacking Tools
Cramming
15. Type: Buffer Overflow in the heap data area. - Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Expl
Caller ID Spoofing
Birthday
Time of Use/Time of Check Attack
Heap Overflow
16. How: Attacker sends forged stream of TCP SYN packets with Source & Destination = to victim's IP address - Victim's system attempts to reply to itselft (attacks itself) - Vulnerable systems: Systems with BSD TCP/IP stack - Counter: Edge routers drop p
Mail bombing
Time of Use/Time of Check Attack
Pharming
Land
17. Mobile device attack that seeks to dupe the recipient of an SMS (short message service - text) message into downloading malware onto their handset. Once the handset is infected - it can be turned into a 'zombie -' allowing attackers to control the de
SMiShing
Heap Overflow
Pharming
Network Address Hijacking
18. Attacker deletes incriminating evidence or data from audit logs. - Countermeasure: Protect log from modification via strict access control
Network Address Hijacking
Mail bombing
Scrubbing
Land
19. Attacker must win the race of responding between 2 different processes carrying out a task/function. Counter: Do not Split up critical tasks that can have results or sequence altered. - Employ Software locks to files to prevent unauthorized access.
Race Condition
Port Scanning
Caller ID Spoofing
TDL-4 Bot-Net #3
20. Uses DiffieH PK to determine shared Symm key
Black Hole
S-RPC
E-mail address spoofing
Bluesnarfing
21. Add extra bogus charges
Deliberate exploit
Heap Overflow
Cramming
ARP Table Poisioning
22. May result in data at a specific location being altered in an arbitrary way - or in arbitrary code being executed. - Counter: make sure your OS and application libraries are patched to detect/prevent against these types of overflows
Cramming
Deliberate exploit
Trinoo
Loki
23. Juggernaut & HUNT Project - Spy then attack
Land
ARP Table Poisioning
Hijacking Tools
Worms
24. How: Attacker uses technologies (especially associated with VoIP) that allow callers to lie about their identity and present false names and numbers - Why: defraud or harass.
ARP Table Poisioning
Bluebugging
Remote Code
Caller ID Spoofing
25. Type: DDoS - How: uses a master program to communicate with attack agents across multiple nets. Attacker remotely connects to Master host - then master commands agents to perform UDP flood to a list of Target IP addresses. - Why: your IP address is i
Land
Black Hole
Trinoo
Bluetooth Threat Mitigation
26. Intruder re-routes data traffic from a network device to Attacker's machine
Network Address Hijacking
S-RPC
Botnet Names
Scrubbing
27. Type: DoS - How: Send Packet > max allowable size of 65535 bytes - Why: Causes vulnerable host to fail and/or reboot - Counter: Ingress filter - patch systems
Ping of Death
Stack Overflow
Pharming
S-RPC
28. 1) If phone is vulnerable to bluesnarfing or bluebugging-- seek patches. Manufacturer or manufacturer-authorized dealer. Software patches available for many older Bluetooth phones. 2) Turn device to non-discoverable mode when not using Bluetooth tech
Bluetooth Threat Mitigation
ARP Spoof
Slamming
Time of Use/Time of Check Attack
29. Social engineering technique
Land
Phishing
E-mail address spoofing
Bluetooth Malicious Threats
30. Hacker gains access to data stored on Bluetooth enabled phone. Why: hacker make phone calls - send & receive text messages - read & write phonebook contacts - eavesdrop on phone conversations - and connect to Internet. - How: requires advanced equip
Bluesnarfing
Land
Heap Overflow
TDL-4 Bot-Net
31. The botnet also uses the public Kad P2P network for one of its two channels for communicating between infected PCs and the C&C servers - said Kaspersky. Previously - botnets that communicated via P2P used a closed network they had created.
Wardialing
TDL-4 Bot-Net #3
SMiShing
E-mail address spoofing
32. Attacker uses program presenting Fake Logon Screen Capture Username & Pswd - Counter: Host IDS
ARP Spoof
Birthday
Spoofing at Login
Wardialing
33. Installs its rootkit on the MBR - Sector 0 - Invisible to OS & security software - advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by (C&C) servers
Jamming
TDL-4 Bot-Net
Slamming
Web Spoofing Attack
34. Type: Brute force How: Attack hashing function via Brute force. Changes message until he gets one that produces the same hash value. - Why: Attacker wants to change your message without detection.
Phishing
SMiShing
Birthday
Bluetooth Malicious Threats
35. Bluebugging - Bluesnarfing
Bluetooth Malicious Threats
Remote Code
Download and Execute
Hijacking Tools
36. Completed by using commercially available couplers to place a microbend in the cable to allow light to radiate through the cladding and be exposed to a photodetector. photodetector is connected to an electro-optical converter that acts as an interfac
Port Scanning
Botnet Names
Tap
TDL-4 Bot-Net #3
37. Change user's service provider - w/o concent
E-mail address spoofing
Slamming
Worm Names
Cramming
38. Sasser - Blaster - Melissa - ILOVEYOU - Conflicker
Shellcode
Scrubbing
ARP Spoof
Worm Names
39. RF interference / blocking
Black Hole
Loki
Jamming
Bluetooth BackDoor Attack
40. Type: DoS (Flood or Crashing) - How: Malformed fragmented packts - Why: Causes vulnerable host to fail and/or reboot - Countermeasure: Network IDS - drop faulty or corrupted packets - ingress filters
Teardrop
Land
ARP Table Poisioning
Bluetooth DoS (1 or more attackers)
41. AKA Session Hijacking - Enables user to gain control of session read change data and/or packets. Could potentially get passwords or Paswd file if attacks admin
Bluesnarfing
Teardrop
Bluetooth BackDoor Attack
Network Address Hijacking
42. Type: Man-in-Middle Attack - AKA: Phishing - URL Spoofing - How: Spoofs the public key of web site/server - Why: Get users to go to Attackers Website instead - Goal: usually to get user's data (ID - password - bank account info - etc.) However - coul
Deliberate exploit
Web Spoofing Attack
Jamming
Birthday
43. Covert Channel ICMP comms - writes data after header Sniffing - Counter: Secure protocols -
Loki
Time of Use/Time of Check Attack
Tribal Flood Network (TFN) & TFN2K
Bluetooth DoS (1 or more attackers)
44. Type: DDoS - How: TFN uses a master program to communicate with attack agents across multiple nets. TFN can launch several types of attacks simultaneously: UDP flood - TCP SYN flood - ICPM echo request flood and ICMP directed broadcasts. - Why: TFN M
Tribal Flood Network (TFN) & TFN2K
Bluetooth Threat Mitigation
Port Scanning
Pharming
45. How: SMTP doesn't provide any authentication.E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol - (i.e. stamp - postal code) the SMTP protocol will send t
Tap
E-mail address spoofing
Network Address Hijacking
Bluetooth DoS (1 or more attackers)
46. Flood w/ Pairing requests. (spoofed or not) - Victim consumed with Responses
Bluetooth DoS (1 or more attackers)
Network Address Hijacking
Mail bombing
Web Spoofing Attack
47. Type: Reconn - How: Use port scanning tool to identify Listening Ports (TCP/UDP) on Servers - Tools: Nmap - Foundstone Products (Scanline - etc.) - Angry IP Scanner - etc.
Port Scanning
Race Condition
Trinoo
Shellcode
48. Type: Masquerading Attack - How: For a given IP address in ARP table - attacker enters his MAC address - Why: Attacker alters System ARP table. Goal to receive packets.
Shellcode
ARP Table Poisioning
E-mail address spoofing
Bluesnarfing
49. Redirect victim to fake website - How: DNS poison -
Pharming
Bluebugging
Spoofing at Login
TDL-4 Bot-Net #3
50. Type of Remote Shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell - but rather instructs the machine to download a certain executable file off the network - save it to disk
Download and Execute
Remote Code
Shellcode
Buffer Overflow