Test your basic knowledge | CISSP Attacks
Subjects: certifications, it-skills, cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find the answers obvious at times, but you will see it reinforces your understanding as you take the test each time.
1. Juggernaut & HUNT Project - Spy then attack
Worm Names
Shellcode
Loki
Hijacking Tools
2. Counter: Non-public #s - Tight AC for modems / pools
Bluejacking
Worms
Wardialing
Time of Use/Time of Check Attack
3. Sasser - Blaster - Melissa - ILOVEYOU - Conficker
Bluetooth Threat Mitigation
Time of Use/Time of Check Attack
Scrubbing
Worm Names
4. How: SMTP doesn't provide any authentication. E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol - (i.e. stamp - postal code) the SMTP protocol will send t
Loki
Remote Code
Black Hole
E-mail address spoofing
5. 1) If phone is vulnerable to bluesnarfing or bluebugging-- seek patches. Manufacturer or manufacturer-authorized dealer. Software patches available for many older Bluetooth phones. 2) Turn device to non-discoverable mode when not using Bluetooth tech
TDL-4 Bot-Net
Bluebugging
Bluetooth Threat Mitigation
Tribal Flood Network (TFN) & TFN2K
6. Hacker gains access to data stored on Bluetooth enabled phone. Why: hacker make phone calls - send & receive text messages - read & write phonebook contacts - eavesdrop on phone conversations - and connect to Internet. - How: requires advanced equip
Ping of Death
Wardialing
TDL-4 Bot-Net
Bluesnarfing
7. Type: DoS - How: Attacker sends your packets to a non-existent address - How: One way is a special type of ARP poisoning.
Black Hole
ARP Table Poisoning
Heap Overflow
Remote Code
8. Type: Fun or Snoop Info - How: Attacker sends unsolicited message to Bluetooth enabled device. e.g. insert contact into address book. Why: May Enable future attacks on the device via emails - Recipient reaction or get data w/o your knowledge while con
Bluetooth Threat Mitigation
Stack Overflow
Bluejacking
ARP Spoof
9. aka ARP Flooding - poisoning
Teardrop
Mail bombing
Bluejacking
ARP Spoof
10. Covert Channel ICMP comms - writes data after header Sniffing - Counter: Secure protocols -
Land
Loki
Hijacking Tools
Deliberate exploit
11. In computer security - a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called 'shellcode' because it typically starts a command shell from which the attacker can control the compromised
Shellcode
Tribal Flood Network (TFN) & TFN2K
Download and Execute
Cramming
12. Overwhelm mail server & Clients
Time of Use/Time of Check Attack
Mail bombing
Ping of Death
Birthday
13. Type: Reconn - How: Use port scanning tool to identify Listening Ports (TCP/UDP) on Servers - Tools: Nmap - Foundstone Products (Scanline - etc.) - Angry IP Scanner - etc.
Port Scanning
Tribal Flood Network (TFN) & TFN2K
Buffer Overflow
Deliberate exploit
14. Attacker uses program presenting Fake Logon Screen Capture Username & Pswd - Counter: Host IDS
Stack Overflow
Worm Names
Spoofing at Login
Pharming
15. Type: Buffer Overflow - How: Memory Stack is overflowed to write data into another area of memory in the Identity of the System. (Privileged System account) - Why: The most common cause of stack overflows is excessively deep or infinite recursion. T
Stack Overflow
Time of Use/Time of Check Attack
Tap
ARP Table Poisoning
16. Type: Brute force How: Attack hashing function via Brute force. Changes message until he gets one that produces the same hash value. - Why: Attacker wants to change your message without detection.
Stack Overflow
Bluebugging
Botnet Names
Birthday
17. Attacker must win the race of responding between 2 different processes carrying out a task/function. Counter: Do not Split up critical tasks that can have results or sequence altered. - Employ Software locks to files to prevent unauthorized access.
Time of Use/Time of Check Attack
Tribal Flood Network (TFN) & TFN2K
Race Condition
ARP Table Poisoning
18. How: Attacker uses technologies (especially associated with VoIP) that allow callers to lie about their identity and present false names and numbers - Why: defraud or harass.
TDL-4 Bot-Net #3
Bluetooth BackDoor Attack
Stack Overflow
Caller ID Spoofing
19. Type: Worm. How: Self replicating usually Rapid over net or other means.
Tribal Flood Network (TFN) & TFN2K
Bluebugging
Worms
Web Spoofing Attack
20. TDL-4's makers created their own encryption algorithm - Kaspersky's Golovanov said in his analysis - and the botnet uses the domain names of the C&C servers as the encryption keys.
Black Hole
Network Address Hijacking
TDL-4 Bot-Net #2
Bluetooth Malicious Threats
21. Zeus - Mariposa - Storm
Bluetooth BackDoor Attack
Botnet Names
Tribal Flood Network (TFN) & TFN2K
Cramming
22. Add extra bogus charges
Cramming
ARP Table Poisoning
Trinoo
Wardialing
23. 'Pairing' establishes trust relationship - Access to All Data on device
Bluetooth BackDoor Attack
Bluetooth Malicious Threats
Wardialing
Network Address Hijacking
24. Type: DDoS - How: TFN uses a master program to communicate with attack agents across multiple nets. TFN can launch several types of attacks simultaneously: UDP flood - TCP SYN flood - ICMP echo request flood and ICMP directed broadcasts. - Why: TFN M
Tribal Flood Network (TFN) & TFN2K
Network Address Hijacking
Teardrop
Slamming
25. Allows skilled individuals to access phone Commands using Bluetooth wireless technology without notifying or alerting the phone's user. - Why: This vulnerability allows the hacker to initiate phone calls - send and read SMS - read and write phoneboo
Remote Code
SMiShing
TDL-4 Bot-Net #2
Bluebugging
26. AKA: Asynchronous attack - How: Takes advantage of dependency of event timing in a multitasking OS - How: Attacker gets between instructions and manipulates something. Goal is Control the result.
Tribal Flood Network (TFN) & TFN2K
Time of Use/Time of Check Attack
Phishing
Hijacking Tools
27. How: Attacker sends forged stream of TCP SYN packets with Source & Destination = to victim's IP address - Victim's system attempts to reply to itself (attacks itself) - Vulnerable systems: Systems with BSD TCP/IP stack - Counter: Edge routers drop p
Scrubbing
Port Scanning
Botnet Names
Land
28. Type: Man-in-Middle Attack - AKA: Phishing - URL Spoofing - How: Spoofs the public key of web site/server - Why: Get users to go to Attacker's Website instead - Goal: usually to get user's data (ID - password - bank account info - etc.) However - coul
Bluebugging
Mail bombing
Bluetooth DoS (1 or more attackers)
Web Spoofing Attack
29. Type: Masquerading Attack - How: For a given IP address in ARP table - attacker enters his MAC address - Why: Attacker alters System ARP table. Goal to receive packets.
Stack Overflow
ARP Table Poisoning
Web Spoofing Attack
Bluetooth DoS (1 or more attackers)
30. Social engineering technique
Heap Overflow
Hijacking Tools
Phishing
TDL-4 Bot-Net #3
31. Flood w/ Pairing requests. (spoofed or not) - Victim consumed with Responses
TDL-4 Bot-Net #2
Hijacking Tools
Pharming
Bluetooth DoS (1 or more attackers)
32. Attacker deletes incriminating evidence or data from audit logs. - Countermeasure: Protect log from modification via strict access control
TDL-4 Bot-Net
Bluetooth Malicious Threats
Scrubbing
Slamming
33. Change user's service provider - w/o consent
S-RPC
Land
Bluesnarfing
Slamming
34. Type: DDoS - How: uses a master program to communicate with attack agents across multiple nets. Attacker remotely connects to Master host - then master commands agents to perform UDP flood to a list of Target IP addresses. - Why: your IP address is i
ARP Spoof
Mail bombing
Download and Execute
Trinoo
35. Completed by using commercially available couplers to place a microbend in the cable to allow light to radiate through the cladding and be exposed to a photodetector. photodetector is connected to an electro-optical converter that acts as an interfac
Mail bombing
ARP Spoof
Worms
Tap
36. Type: DoS (Flood or Crashing) - How: Malformed fragmented packets - Why: Causes vulnerable host to fail and/or reboot - Countermeasure: Network IDS - drop faulty or corrupted packets - ingress filters
Download and Execute
Worm Names
TDL-4 Bot-Net
Teardrop
37. Type: DoS - How: Send Packet > max allowable size of 65535 bytes - Why: Causes vulnerable host to fail and/or reboot - Counter: Ingress filter - patch systems
Buffer Overflow
Bluejacking
Ping of Death
Teardrop
38. Bluebugging - Bluesnarfing
ARP Spoof
Worms
Web Spoofing Attack
Bluetooth Malicious Threats
39. Counters: A firewall can be used to detect the outgoing connections made by connect-back shellcodes and the attempt to accept incoming connections made by bindshells. They can therefore offer some protection against an attacker - even if the system i
Remote Code
Loki
Trinoo
Buffer Overflow
40. RF interference / blocking
S-RPC
Jamming
Worms
Port Scanning
41. Counters: Best: Proper programming with Input value bounds checking. Keep systems current: Patching - hot fixes - etc.
Buffer Overflow
Time of Use/Time of Check Attack
SMiShing
ARP Table Poisoning
42. Type of Remote Shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell - but rather instructs the machine to download a certain executable file off the network - save it to disk
Network Address Hijacking
Phishing
Network Address Hijacking
Download and Execute
43. Installs its rootkit on the MBR - Sector 0 - Invisible to OS & security software - advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by (C&C) servers
Birthday
ARP Table Poisoning
Trinoo
TDL-4 Bot-Net
44. Mobile device attack that seeks to dupe the recipient of an SMS (short message service - text) message into downloading malware onto their handset. Once the handset is infected - it can be turned into a 'zombie -' allowing attackers to control the de
Shellcode
Pharming
ARP Spoof
SMiShing
45. Type: Buffer Overflow in the heap data area. - Heap overflows are exploitable in a different manner to that of stack-based overflows. Memory on the heap is dynamically allocated by the application at run-time and typically contains program data. Expl
Wardialing
Deliberate exploit
TDL-4 Bot-Net
Heap Overflow
46. Uses Diffie-Hellman public key to determine shared symmetric key
Heap Overflow
S-RPC
ARP Spoof
Network Address Hijacking
47. Intruder re-routes data traffic from a network device to Attacker's machine
Shellcode
Network Address Hijacking
ARP Spoof
Port Scanning
48. Redirect victim to fake website - How: DNS poison -
TDL-4 Bot-Net #2
Caller ID Spoofing
Bluetooth BackDoor Attack
Pharming
49. AKA Session Hijacking - Enables user to gain control of session - read or change data and/or packets. Could potentially get passwords or passwd file if attacks admin
Botnet Names
Network Address Hijacking
Buffer Overflow
Wardialing
50. May result in data at a specific location being altered in an arbitrary way - or in arbitrary code being executed. - Counter: make sure your OS and application libraries are patched to detect/prevent against these types of overflows
Download and Execute
Network Address Hijacking
ARP Table Poisoning
Deliberate exploit