Test your basic knowledge |
CISSP Attacks
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.
1. Type: DoS - How: Send Packet > max allowable size of 65535 bytes - Why: Causes vulnerable host to fail and/or reboot - Counter: Ingress filter - patch systems
Bluebugging
Ping of Death
Download and Execute
Web Spoofing Attack
2. Type: DoS - How: Attacker sends your packets to a non-existent address - How: One way is a special type of ARP poisoning.
Ping of Death
Network Address Hijacking
Black Hole
Race Condition
3. How: SMTP doesn't provide any authentication. E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol - (i.e. stamp - postal code) the SMTP protocol will send t
E-mail address spoofing
Race Condition
Network Address Hijacking
Spoofing at Login
4. In computer security - a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called 'shellcode' because it typically starts a command shell from which the attacker can control the compromised
Heap Overflow
Shellcode
Loki
Race Condition
5. Type: Fun or Snoop Info - How: Attacker sends unsolicited message to Bluetooth enabled device. e.g. insert contact into address book. Why: May enable future attacks on the device via emails - Recipient reaction or get data w/o your knowledge while con
Bluejacking
Shellcode
E-mail address spoofing
Botnet Names
6. Intruder re-routes data traffic from a network device to Attacker's machine
Time of Use/Time of Check Attack
Network Address Hijacking
Land
Bluetooth DoS (1 or more attackers)
7. Type: Reconn - How: Use port scanning tool to identify Listening Ports (TCP/UDP) on Servers - Tools: Nmap - Foundstone Products (Scanline - etc.) - Angry IP Scanner - etc.
Port Scanning
ARP Spoof
Wardialing
Deliberate exploit
8. AKA Session Hijacking - Enables user to gain control of session read change data and/or packets. Could potentially get passwords or passwd file if attacks admin
Worms
Network Address Hijacking
TDL-4 Bot-Net #3
Heap Overflow
9. Social engineering technique
ARP Table Poisoning
E-mail address spoofing
Phishing
Port Scanning
10. Covert Channel ICMP comms - writes data after header Sniffing - Counter: Secure protocols -
Tap
TDL-4 Bot-Net #3
Jamming
Loki
11. Type: Man-in-Middle Attack - AKA: Phishing - URL Spoofing - How: Spoofs the public key of web site/server - Why: Get users to go to Attackers Website instead - Goal: usually to get user's data (ID - password - bank account info - etc.) However - coul
Web Spoofing Attack
Black Hole
Time of Use/Time of Check Attack
Buffer Overflow
12. Bluebugging - Bluesnarfing
Network Address Hijacking
Bluebugging
Bluetooth Malicious Threats
Scrubbing
13. How: Attacker uses technologies (especially associated with VoIP) that allow callers to lie about their identity and present false names and numbers - Why: defraud or harass.
Time of Use/Time of Check Attack
Loki
Caller ID Spoofing
Hijacking Tools
14. Installs its rootkit on the MBR - Sector 0 - Invisible to OS & security software - advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by (C&C) servers
TDL-4 Bot-Net #3
Bluesnarfing
Phishing
TDL-4 Bot-Net
15. Type: Buffer Overflow in the heap data area. - Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Expl
Caller ID Spoofing
Heap Overflow
Bluesnarfing
ARP Spoof
16. Juggernaut & HUNT Project - Spy then attack
Cramming
Caller ID Spoofing
Hijacking Tools
Remote Code
17. Type: Worm. How: Self replicating usually Rapid over net or other means.
Deliberate exploit
Bluesnarfing
Trinoo
Worms
18. Counter: Non-public #s - Tight AC for modems / pools
Wardialing
Remote Code
Pharming
Teardrop
19. Redirect victim to fake website - How: DNS poison -
Pharming
Scrubbing
Birthday
Buffer Overflow
20. Sasser - Blaster - Melissa - ILOVEYOU - Conficker
TDL-4 Bot-Net
Worm Names
Teardrop
Pharming
21. Mobile device attack that seeks to dupe the recipient of an SMS (short message service - text) message into downloading malware onto their handset. Once the handset is infected - it can be turned into a 'zombie -' allowing attackers to control the de
Download and Execute
Slamming
SMiShing
Port Scanning
22. Type: Buffer Overflow - How: Memory Stack is overflown to write data into another area of memory in the Identity of the System. (Privileged System account) - Why: The most common cause of stack overflows is excessively deep or infinite recursion. T
Stack Overflow
Network Address Hijacking
Buffer Overflow
Mail bombing
23. Type of Remote Shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell - but rather instructs the machine to download a certain executable file off the network - save it to disk
Download and Execute
ARP Table Poisoning
Remote Code
Jamming
24. Attacker deletes incriminating evidence or data from audit logs. - Countermeasure: Protect log from modification via strict access control
Bluetooth DoS (1 or more attackers)
Ping of Death
Land
Scrubbing
25. 'Pairing' establishes trust relationship - Access to All Data on device
Bluetooth BackDoor Attack
Stack Overflow
ARP Spoof
Slamming
26. TDL-4's makers created their own encryption algorithm - Kaspersky's Golovanov said in his analysis - and the botnet uses the domain names of the C&C servers as the encryption keys.
Wardialing
TDL-4 Bot-Net #2
Pharming
Port Scanning
27. aka ARP Flooding - poisoning
ARP Spoof
Bluetooth Malicious Threats
Worms
Bluetooth BackDoor Attack
28. Type: DDoS - How: uses a master program to communicate with attack agents across multiple nets. Attacker remotely connects to Master host - then master commands agents to perform UDP flood to a list of Target IP addresses. - Why: your IP address is i
Wardialing
Bluetooth DoS (1 or more attackers)
Bluetooth BackDoor Attack
Trinoo
29. Hacker gains access to data stored on Bluetooth enabled phone. Why: hacker can make phone calls - send & receive text messages - read & write phonebook contacts - eavesdrop on phone conversations - and connect to Internet. - How: requires advanced equip
Trinoo
Wardialing
Pharming
Bluesnarfing
30. Uses Diffie-Hellman public key to determine shared symmetric key
Bluejacking
S-RPC
Bluetooth Threat Mitigation
Tap
31. The botnet also uses the public Kad P2P network for one of its two channels for communicating between infected PCs and the C&C servers - said Kaspersky. Previously - botnets that communicated via P2P used a closed network they had created.
Heap Overflow
TDL-4 Bot-Net #3
Cramming
TDL-4 Bot-Net
32. Type: Brute force - How: Attack hashing function via brute force. Changes message until he gets one that produces the same hash value. - Why: Attacker wants to change your message without detection.
E-mail address spoofing
SMiShing
Stack Overflow
Birthday
33. Add extra bogus charges
Ping of Death
Cramming
Slamming
Birthday
34. Type: Masquerading Attack - How: For a given IP address in ARP table - attacker enters his MAC address - Why: Attacker alters System ARP table. Goal to receive packets.
Bluetooth DoS (1 or more attackers)
Wardialing
ARP Table Poisoning
Mail bombing
35. Type: DDoS - How: TFN uses a master program to communicate with attack agents across multiple nets. TFN can launch several types of attacks simultaneously: UDP flood - TCP SYN flood - ICMP echo request flood and ICMP directed broadcasts. - Why: TFN M
Tribal Flood Network (TFN) & TFN2K
Jamming
Web Spoofing Attack
Stack Overflow
36. Type: DoS (Flood or Crashing) - How: Malformed fragmented packets - Why: Causes vulnerable host to fail and/or reboot - Countermeasure: Network IDS - drop faulty or corrupted packets - ingress filters
Ping of Death
Phishing
Jamming
Teardrop
37. Attacker uses program presenting Fake Logon Screen - Captures Username & Pswd - Counter: Host IDS
Spoofing at Login
ARP Table Poisoning
Tap
Buffer Overflow
38. AKA: Asynchronous attack - How: Takes advantage of dependency of event timing in a multitasking OS - How: Attacker gets between instructions and manipulates something. Goal is to control the result.
Shellcode
Time of Use/Time of Check Attack
Ping of Death
Worm Names
39. Zeus - Mariposa - Storm
Botnet Names
Bluetooth Malicious Threats
Network Address Hijacking
Port Scanning
40. Completed by using commercially available couplers to place a microbend in the cable to allow light to radiate through the cladding and be exposed to a photodetector. The photodetector is connected to an electro-optical converter that acts as an interfac
Tap
Worm Names
Remote Code
Black Hole
41. Overwhelm mail server & Clients
S-RPC
Spoofing at Login
Shellcode
Mail bombing
42. RF interference / blocking
Remote Code
Ping of Death
Land
Jamming
43. Counters: A firewall can be used to detect the outgoing connections made by connect-back shellcodes and the attempt to accept incoming connections made by bindshells. They can therefore offer some protection against an attacker - even if the system i
Bluetooth DoS (1 or more attackers)
Hijacking Tools
Black Hole
Remote Code
44. Attacker must win the race of responding between 2 different processes carrying out a task/function. Counter: Do not split up critical tasks that can have results or sequence altered. - Employ software locks on files to prevent unauthorized access.
Ping of Death
Race Condition
Tribal Flood Network (TFN) & TFN2K
Heap Overflow
45. How: Attacker sends forged stream of TCP SYN packets with Source & Destination = to victim's IP address - Victim's system attempts to reply to itself (attacks itself) - Vulnerable systems: Systems with BSD TCP/IP stack - Counter: Edge routers drop p
Web Spoofing Attack
Tribal Flood Network (TFN) & TFN2K
Land
Port Scanning
46. Change user's service provider - w/o consent
Tap
Caller ID Spoofing
Race Condition
Slamming
47. Flood w/ Pairing requests. (spoofed or not) - Victim consumed with Responses
Trinoo
Cramming
Botnet Names
Bluetooth DoS (1 or more attackers)
48. May result in data at a specific location being altered in an arbitrary way - or in arbitrary code being executed. - Counter: make sure your OS and application libraries are patched to detect/prevent against these types of overflows
Wardialing
Birthday
Pharming
Deliberate exploit
49. 1) If phone is vulnerable to bluesnarfing or bluebugging-- seek patches. Manufacturer or manufacturer-authorized dealer. Software patches available for many older Bluetooth phones. 2) Turn device to non-discoverable mode when not using Bluetooth tech
Bluebugging
Scrubbing
Bluetooth Threat Mitigation
Wardialing
50. Counters: Best: Proper programming with Input value bounds checking. Keep systems current: Patching - hot fixes - etc.
Phishing
Worm Names
Buffer Overflow
Tap