Test your basic knowledge |

CISSP Attacks

Subjects : certifications, it-skills, cissp

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. Type: Reconn - How: Use port scanning tool to identify Listening Ports (TCP/UDP) on Servers - Tools: Nmap - Foundstone Products (Scanline - etc.) - Angry IP Scanner - etc.
Pharming
Bluetooth Malicious Threats
Port Scanning
TDL-4 Bot-Net #3

2. AKA Session Hijacking - Enables user to gain control of session read change data and/or packets. Could potentially get passwords or Paswd file if attacks admin
Network Address Hijacking
Mail bombing
Botnet Names
Trinoo

3. Type of Remote Shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell - but rather instructs the machine to download a certain executable file off the network - save it to disk
Scrubbing
Jamming
Worm Names
Download and Execute

4. Change user's service provider - w/o concent
Bluetooth BackDoor Attack
Time of Use/Time of Check Attack
Slamming
Port Scanning

5. Attacker deletes incriminating evidence or data from audit logs. - Countermeasure: Protect log from modification via strict access control
Scrubbing
Worm Names
TDL-4 Bot-Net
Deliberate exploit

6. Type: Masquerading Attack - How: For a given IP address in ARP table - attacker enters his MAC address - Why: Attacker alters System ARP table. Goal to receive packets.
Tribal Flood Network (TFN) & TFN2K
ARP Table Poisioning
Shellcode
Black Hole

7. In computer security - a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called 'shellcode' because it typically starts a command shell from which the attacker can control the compromised
Spoofing at Login
Shellcode
Land
SMiShing

8. The botnet also uses the public Kad P2P network for one of its two channels for communicating between infected PCs and the C&C servers - said Kaspersky. Previously - botnets that communicated via P2P used a closed network they had created.
TDL-4 Bot-Net
Scrubbing
TDL-4 Bot-Net #3
Network Address Hijacking

9. Type: DoS - How: Send Packet > max allowable size of 65535 bytes - Why: Causes vulnerable host to fail and/or reboot - Counter: Ingress filter - patch systems
Spoofing at Login
Bluetooth DoS (1 or more attackers)
Buffer Overflow
Ping of Death

10. aka ARP Flooding - poisioning
Port Scanning
ARP Spoof
S-RPC
Cramming

11. Sasser - Blaster - Melissa - ILOVEYOU - Conflicker
Tribal Flood Network (TFN) & TFN2K
Worm Names
Bluejacking
ARP Table Poisioning

12. Type: Man-in-Middle Attack - AKA: Phishing - URL Spoofing - How: Spoofs the public key of web site/server - Why: Get users to go to Attackers Website instead - Goal: usually to get user's data (ID - password - bank account info - etc.) However - coul
TDL-4 Bot-Net #2
Web Spoofing Attack
Teardrop
Ping of Death

13. Installs its rootkit on the MBR - Sector 0 - Invisible to OS & security software - advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by (C&C) servers
ARP Table Poisioning
Buffer Overflow
TDL-4 Bot-Net
Birthday

14. Type: Fun or Snoop Info - How: Attacker sends unsolicited message to Bluetooth enabled device. e.g. insert contact into address book. Why: May Enable future attacks on the device via emails - Recipent reaction or get data w/o your knowledge while con
Stack Overflow
Tap
Remote Code
Bluejacking

15. Zeus - Mariposa - Storm
Black Hole
ARP Table Poisioning
Web Spoofing Attack
Botnet Names

16. Redirect victim to fake website - How: DNS poison -
ARP Spoof
Download and Execute
Pharming
Tribal Flood Network (TFN) & TFN2K

17. May result in data at a specific location being altered in an arbitrary way - or in arbitrary code being executed. - Counter: make sure your OS and application libraries are patched to detect/prevent against these types of overflows
Network Address Hijacking
Teardrop
Trinoo
Deliberate exploit

18. 'Pairing' establishes trust relationship - Access to All Data on device
Teardrop
Bluetooth BackDoor Attack
Pharming
Black Hole

19. 1) If phone is vulnerable to bluesnarfing or bluebugging-- seek patches. Manufacturer or manufacturer-authorized dealer. Software patches available for many older Bluetooth phones. 2) Turn device to non-discoverable mode when not using Bluetooth tech
Bluetooth Threat Mitigation
Bluetooth BackDoor Attack
Land
Network Address Hijacking

20. RF interference / blocking
Jamming
Mail bombing
ARP Table Poisioning
Time of Use/Time of Check Attack

21. How: Attacker sends forged stream of TCP SYN packets with Source & Destination = to victim's IP address - Victim's system attempts to reply to itselft (attacks itself) - Vulnerable systems: Systems with BSD TCP/IP stack - Counter: Edge routers drop p
Wardialing
Land
Remote Code
Buffer Overflow

22. Type: DoS - How: Attacker sends your packets to a non-existent address - How: One way is special type of ARP poisioning.
TDL-4 Bot-Net #2
Bluejacking
Black Hole
Teardrop

23. Juggernaut & HUNT Project - Spy then attack
Download and Execute
Network Address Hijacking
Hijacking Tools
Birthday

24. Completed by using commercially available couplers to place a microbend in the cable to allow light to radiate through the cladding and be exposed to a photodetector. photodetector is connected to an electro-optical converter that acts as an interfac
Caller ID Spoofing
Scrubbing
Shellcode
Tap

25. Hacker gains access to data stored on Bluetooth enabled phone. Why: hacker make phone calls - send & receive text messages - read & write phonebook contacts - eavesdrop on phone conversations - and connect to Internet. - How: requires advanced equip
Ping of Death
Bluesnarfing
Wardialing
SMiShing

26. Type: Brute force How: Attack hashing function via Brute force. Changes message until he gets one that produces the same hash value. - Why: Attacker wants to change your message without detection.
TDL-4 Bot-Net #3
S-RPC
Tap
Birthday

27. Type: Buffer Overflow - How: Memory Stack is overflown to write data into another area of memory in the Identify of the System. (Priviledged System account) - Why: The most common cause of stack overflows is excessively deep or infinite recursion. T
Shellcode
Bluejacking
Stack Overflow
Network Address Hijacking

28. Attacker must win the race of responding between 2 different processes carrying out a task/function. Counter: Do not Split up critical tasks that can have results or sequence altered. - Employ Software locks to files to prevent unauthorized access.
Bluetooth DoS (1 or more attackers)
Bluesnarfing
Buffer Overflow
Race Condition

29. Uses DiffieH PK to determine shared Symm key
Hijacking Tools
Caller ID Spoofing
S-RPC
Scrubbing

30. Type: DoS (Flood or Crashing) - How: Malformed fragmented packts - Why: Causes vulnerable host to fail and/or reboot - Countermeasure: Network IDS - drop faulty or corrupted packets - ingress filters
Download and Execute
Wardialing
Bluetooth DoS (1 or more attackers)
Teardrop

31. How: Attacker uses technologies (especially associated with VoIP) that allow callers to lie about their identity and present false names and numbers - Why: defraud or harass.
ARP Spoof
Caller ID Spoofing
Slamming
Time of Use/Time of Check Attack

32. Type: Worm. How: Self replicating usually Rapid over net or other means.
Botnet Names
Worms
Phishing
Jamming

33. Counters:Best: Proper programming with Input value bounds checking. Keep systems current: Patching - hot fixes - etc.
Bluetooth Threat Mitigation
Scrubbing
Bluetooth Malicious Threats
Buffer Overflow

34. Intruder re-routes data traffic from a network device to Attacker's machine
Race Condition
TDL-4 Bot-Net
SMiShing
Network Address Hijacking

35. Allows skilled individuals to access phone Commands using Bluetooth wireless technology without notifying or alerting the phone's user. - Why: This vulnerability allows the hacker to initiate phone calls - send and read SMS - read and write phoneboo
Bluesnarfing
Bluebugging
Ping of Death
Caller ID Spoofing

36. Covert Channel ICMP comms - writes data after header Sniffing - Counter: Secure protocols -
Network Address Hijacking
S-RPC
Loki
Jamming

37. Social engineering technique
Web Spoofing Attack
Teardrop
Tap
Phishing

38. Overwhelm mail server & Clients
Download and Execute
Tribal Flood Network (TFN) & TFN2K
Mail bombing
SMiShing

39. Type: Buffer Overflow in the heap data area. - Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Expl
Hijacking Tools
Jamming
Deliberate exploit
Heap Overflow

40. How: SMTP doesn't provide any authentication.E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol - (i.e. stamp - postal code) the SMTP protocol will send t
Spoofing at Login
E-mail address spoofing
Tap
Hijacking Tools

41. Counters: A firewall can be used to detect the outgoing connections made by connect-back shellcodes and the attempt to accept incoming connections made by bindshells. They can therefore offer some protection against an attacker - even if the system i
Pharming
TDL-4 Bot-Net #2
Ping of Death
Remote Code

42. Flood w/ Pairing requests. (spoofed or not) - Victim consumed with Responses
Slamming
Bluetooth Threat Mitigation
Bluetooth DoS (1 or more attackers)
TDL-4 Bot-Net #3

43. Counter: Non-public #s - Tight AC for modems / pools
Phishing
Bluetooth Malicious Threats
Wardialing
TDL-4 Bot-Net #3

44. Type: DDoS - How: uses a master program to communicate with attack agents across multiple nets. Attacker remotely connects to Master host - then master commands agents to perform UDP flood to a list of Target IP addresses. - Why: your IP address is i
Trinoo
Tribal Flood Network (TFN) & TFN2K
Bluetooth Threat Mitigation
Caller ID Spoofing

45. Attacker uses program presenting Fake Logon Screen Capture Username & Pswd - Counter: Host IDS
Bluebugging
Worms
Buffer Overflow
Spoofing at Login

46. Add extra bogus charges
Heap Overflow
Cramming
Network Address Hijacking
Bluetooth Threat Mitigation

47. Bluebugging - Bluesnarfing
Black Hole
Bluetooth DoS (1 or more attackers)
Cramming
Bluetooth Malicious Threats

48. Mobile device attack that seeks to dupe the recipient of an SMS (short message service - text) message into downloading malware onto their handset. Once the handset is infected - it can be turned into a 'zombie -' allowing attackers to control the de
SMiShing
Bluesnarfing
Buffer Overflow
Bluetooth Threat Mitigation

49. AKA: Asynchronous attack - How: Takes advantage of dependency of event timing in a multitasking OS - How: Attacker gets between instructions and manipulates something. Goal is Control the result.
Bluetooth Threat Mitigation
Time of Use/Time of Check Attack
Phishing
Heap Overflow

50. Type: DDoS - How: TFN uses a master program to communicate with attack agents across multiple nets. TFN can launch several types of attacks simultaneously: UDP flood - TCP SYN flood - ICPM echo request flood and ICMP directed broadcasts. - Why: TFN M
Bluetooth Threat Mitigation
Port Scanning
Pharming
Tribal Flood Network (TFN) & TFN2K