SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
CISSP Attacks
Start Test
Study First
Subjects
:
certifications
,
it-skills
,
cissp
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Social engineering technique
Hijacking Tools
Land
Phishing
Pharming
2. Type: DoS - How: Attacker sends your packets to a non-existent address - How: One way is special type of ARP poisioning.
Birthday
Black Hole
Bluesnarfing
E-mail address spoofing
3. Sasser - Blaster - Melissa - ILOVEYOU - Conflicker
Teardrop
Time of Use/Time of Check Attack
Worm Names
Bluebugging
4. Type: DoS - How: Send Packet > max allowable size of 65535 bytes - Why: Causes vulnerable host to fail and/or reboot - Counter: Ingress filter - patch systems
Ping of Death
Slamming
Tribal Flood Network (TFN) & TFN2K
Buffer Overflow
5. Counters:Best: Proper programming with Input value bounds checking. Keep systems current: Patching - hot fixes - etc.
Ping of Death
TDL-4 Bot-Net #3
Network Address Hijacking
Buffer Overflow
6. Uses DiffieH PK to determine shared Symm key
Bluetooth Malicious Threats
Deliberate exploit
S-RPC
Trinoo
7. Type: Brute force How: Attack hashing function via Brute force. Changes message until he gets one that produces the same hash value. - Why: Attacker wants to change your message without detection.
TDL-4 Bot-Net
Pharming
Birthday
Trinoo
8. Type: Man-in-Middle Attack - AKA: Phishing - URL Spoofing - How: Spoofs the public key of web site/server - Why: Get users to go to Attackers Website instead - Goal: usually to get user's data (ID - password - bank account info - etc.) However - coul
Heap Overflow
Web Spoofing Attack
E-mail address spoofing
Tap
9. Overwhelm mail server & Clients
Deliberate exploit
Mail bombing
TDL-4 Bot-Net #2
Wardialing
10. Zeus - Mariposa - Storm
Bluetooth Malicious Threats
Stack Overflow
Botnet Names
Bluetooth BackDoor Attack
11. Attacker must win the race of responding between 2 different processes carrying out a task/function. Counter: Do not Split up critical tasks that can have results or sequence altered. - Employ Software locks to files to prevent unauthorized access.
Phishing
Botnet Names
Race Condition
TDL-4 Bot-Net
12. TDL-4's makers created their own encryption algorithm - Kaspersky's Golovanov said in his analysis - and the botnet uses the domain names of the C&C servers as the encryption keys.
TDL-4 Bot-Net #3
TDL-4 Bot-Net #2
Hijacking Tools
Bluetooth BackDoor Attack
13. Change user's service provider - w/o concent
Wardialing
Slamming
SMiShing
Botnet Names
14. Attacker uses program presenting Fake Logon Screen Capture Username & Pswd - Counter: Host IDS
Bluesnarfing
Spoofing at Login
Caller ID Spoofing
Race Condition
15. aka ARP Flooding - poisioning
ARP Spoof
Bluetooth BackDoor Attack
Wardialing
Heap Overflow
16. May result in data at a specific location being altered in an arbitrary way - or in arbitrary code being executed. - Counter: make sure your OS and application libraries are patched to detect/prevent against these types of overflows
Phishing
TDL-4 Bot-Net #3
Deliberate exploit
Tap
17. Type: DoS (Flood or Crashing) - How: Malformed fragmented packts - Why: Causes vulnerable host to fail and/or reboot - Countermeasure: Network IDS - drop faulty or corrupted packets - ingress filters
Teardrop
Trinoo
TDL-4 Bot-Net #2
S-RPC
18. Intruder re-routes data traffic from a network device to Attacker's machine
Network Address Hijacking
Bluetooth DoS (1 or more attackers)
ARP Table Poisioning
Heap Overflow
19. Hacker gains access to data stored on Bluetooth enabled phone. Why: hacker make phone calls - send & receive text messages - read & write phonebook contacts - eavesdrop on phone conversations - and connect to Internet. - How: requires advanced equip
Trinoo
Bluesnarfing
Remote Code
Network Address Hijacking
20. Juggernaut & HUNT Project - Spy then attack
Caller ID Spoofing
Bluesnarfing
Hijacking Tools
Botnet Names
21. AKA: Asynchronous attack - How: Takes advantage of dependency of event timing in a multitasking OS - How: Attacker gets between instructions and manipulates something. Goal is Control the result.
Time of Use/Time of Check Attack
Network Address Hijacking
Worm Names
TDL-4 Bot-Net
22. Flood w/ Pairing requests. (spoofed or not) - Victim consumed with Responses
S-RPC
TDL-4 Bot-Net
Worms
Bluetooth DoS (1 or more attackers)
23. RF interference / blocking
Mail bombing
Spoofing at Login
Jamming
Teardrop
24. Type: Buffer Overflow - How: Memory Stack is overflown to write data into another area of memory in the Identify of the System. (Priviledged System account) - Why: The most common cause of stack overflows is excessively deep or infinite recursion. T
Bluebugging
Stack Overflow
Phishing
Botnet Names
25. Redirect victim to fake website - How: DNS poison -
Teardrop
Botnet Names
Pharming
Land
26. Counters: A firewall can be used to detect the outgoing connections made by connect-back shellcodes and the attempt to accept incoming connections made by bindshells. They can therefore offer some protection against an attacker - even if the system i
Remote Code
Time of Use/Time of Check Attack
Port Scanning
ARP Spoof
27. Covert Channel ICMP comms - writes data after header Sniffing - Counter: Secure protocols -
Bluetooth BackDoor Attack
ARP Table Poisioning
Loki
Scrubbing
28. Type: Masquerading Attack - How: For a given IP address in ARP table - attacker enters his MAC address - Why: Attacker alters System ARP table. Goal to receive packets.
Network Address Hijacking
ARP Table Poisioning
Race Condition
Hijacking Tools
29. 1) If phone is vulnerable to bluesnarfing or bluebugging-- seek patches. Manufacturer or manufacturer-authorized dealer. Software patches available for many older Bluetooth phones. 2) Turn device to non-discoverable mode when not using Bluetooth tech
Bluetooth Threat Mitigation
Spoofing at Login
Time of Use/Time of Check Attack
Tap
30. Counter: Non-public #s - Tight AC for modems / pools
ARP Spoof
Hijacking Tools
Wardialing
Bluetooth Malicious Threats
31. Installs its rootkit on the MBR - Sector 0 - Invisible to OS & security software - advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by (C&C) servers
Land
Buffer Overflow
TDL-4 Bot-Net
Heap Overflow
32. How: Attacker sends forged stream of TCP SYN packets with Source & Destination = to victim's IP address - Victim's system attempts to reply to itselft (attacks itself) - Vulnerable systems: Systems with BSD TCP/IP stack - Counter: Edge routers drop p
Ping of Death
ARP Spoof
Deliberate exploit
Land
33. How: Attacker uses technologies (especially associated with VoIP) that allow callers to lie about their identity and present false names and numbers - Why: defraud or harass.
SMiShing
Bluejacking
ARP Spoof
Caller ID Spoofing
34. Type: Worm. How: Self replicating usually Rapid over net or other means.
Stack Overflow
Worms
Buffer Overflow
E-mail address spoofing
35. The botnet also uses the public Kad P2P network for one of its two channels for communicating between infected PCs and the C&C servers - said Kaspersky. Previously - botnets that communicated via P2P used a closed network they had created.
TDL-4 Bot-Net #3
Heap Overflow
Worms
Bluejacking
36. Mobile device attack that seeks to dupe the recipient of an SMS (short message service - text) message into downloading malware onto their handset. Once the handset is infected - it can be turned into a 'zombie -' allowing attackers to control the de
SMiShing
Wardialing
Buffer Overflow
Race Condition
37. Type of Remote Shellcode that downloads and executes some form of malware on the target system. This type of shellcode does not spawn a shell - but rather instructs the machine to download a certain executable file off the network - save it to disk
Download and Execute
Hijacking Tools
Web Spoofing Attack
Network Address Hijacking
38. How: SMTP doesn't provide any authentication.E-mail address spoofing is done in quite the same way as writing a forged return address using snail mail. As long as the letter fits the protocol - (i.e. stamp - postal code) the SMTP protocol will send t
Bluebugging
Web Spoofing Attack
Bluesnarfing
E-mail address spoofing
39. Attacker deletes incriminating evidence or data from audit logs. - Countermeasure: Protect log from modification via strict access control
Bluejacking
Scrubbing
Land
Botnet Names
40. Type: Fun or Snoop Info - How: Attacker sends unsolicited message to Bluetooth enabled device. e.g. insert contact into address book. Why: May Enable future attacks on the device via emails - Recipent reaction or get data w/o your knowledge while con
Bluejacking
Buffer Overflow
Bluetooth DoS (1 or more attackers)
ARP Spoof
41. Allows skilled individuals to access phone Commands using Bluetooth wireless technology without notifying or alerting the phone's user. - Why: This vulnerability allows the hacker to initiate phone calls - send and read SMS - read and write phoneboo
Network Address Hijacking
Web Spoofing Attack
Heap Overflow
Bluebugging
42. Bluebugging - Bluesnarfing
S-RPC
Spoofing at Login
Bluetooth Malicious Threats
TDL-4 Bot-Net #3
43. Type: DDoS - How: uses a master program to communicate with attack agents across multiple nets. Attacker remotely connects to Master host - then master commands agents to perform UDP flood to a list of Target IP addresses. - Why: your IP address is i
Web Spoofing Attack
Trinoo
Bluetooth Threat Mitigation
Mail bombing
44. Add extra bogus charges
Bluetooth BackDoor Attack
Cramming
S-RPC
Download and Execute
45. AKA Session Hijacking - Enables user to gain control of session read change data and/or packets. Could potentially get passwords or Paswd file if attacks admin
Birthday
Tap
Network Address Hijacking
Wardialing
46. Completed by using commercially available couplers to place a microbend in the cable to allow light to radiate through the cladding and be exposed to a photodetector. photodetector is connected to an electro-optical converter that acts as an interfac
Tap
Hijacking Tools
Network Address Hijacking
Web Spoofing Attack
47. 'Pairing' establishes trust relationship - Access to All Data on device
Black Hole
TDL-4 Bot-Net #2
SMiShing
Bluetooth BackDoor Attack
48. Type: DDoS - How: TFN uses a master program to communicate with attack agents across multiple nets. TFN can launch several types of attacks simultaneously: UDP flood - TCP SYN flood - ICPM echo request flood and ICMP directed broadcasts. - Why: TFN M
Heap Overflow
Trinoo
S-RPC
Tribal Flood Network (TFN) & TFN2K
49. Type: Reconn - How: Use port scanning tool to identify Listening Ports (TCP/UDP) on Servers - Tools: Nmap - Foundstone Products (Scanline - etc.) - Angry IP Scanner - etc.
Black Hole
ARP Spoof
Tribal Flood Network (TFN) & TFN2K
Port Scanning
50. In computer security - a shellcode is a small piece of code used as the payload in the exploitation of a software vulnerability. It is called 'shellcode' because it typically starts a command shell from which the attacker can control the compromised
Worm Names
Shellcode
E-mail address spoofing
Download and Execute
