
CHAPTER 3

Question 1

Which two of the following statements are true regarding early TCP/IP development? (Choose
two.)

TCP/IP was the only network protocol suite available and was developed for internetwork
environments.

The focus was on solving the technical challenges of moving information quickly and reliably,
not to secure it.

The model was developed as a flexible, fault-tolerant set of protocols.

The design and architecture of TCP/IP have not changed since its adoption in the early 1970’s.

Question 2

What type of IP attack occurs when an attacker inserts itself into a communication session and
then takes over the session?

MAC address flooding attack

session hijacking

DHCP depletion attack

DoS attack

Question 3

What two types of attacks are examples of ICMP DoS attacks? (Choose two.)

smurf attack

blooming onion attack

ping of death attack

DHCP depletion attack

Question 4

Which phase of the TCP communication process is attacked during a TCP SYN flood attack?

three-way handshake

connection established

connection closed

connection reset

Question 5

What two are examples of UDP-based attacks? (Choose two.)

SYN flood

SQL slammer

UDP flooding

MAC address flooding

Question 6

What best describes an attack vector?

the resolution of an attack

a path, method, or route by which an attack was carried out

the result of, or damage from, an attack

the last stage of the attack continuum

Question 7

What best describes an attack surface?

a way to classify which tools were used in an attack

the sum of the different points ("attack vectors") in a given computing device or network that
are accessible to an unauthorized user ("attacker")

the people who are involved in protecting the network perimeter

only describes the data that is gathered about an attack

Question 8

What is an example of a reconnaissance attack tool that will cycle through all well-known ports
to provide a complete list of all services that are running on the hosts?

Netuse

ipconfig

NMAP

show run

Question 9

What two are examples of a vulnerability scan? (Choose two.)

Retina

Nessus

fingerprint

OpenVAS


Question 10

What best describes an amplification attack?

A low volume of bad music is played progressively louder to the point that it becomes
unbearable for people to listen to it.

A small forged packet elicits a large reply from the reflectors.

A small radio signal is initially weak and eventually increases the signal strength so that wireless
devices will attach to it instead of the legitimate AP.

There is no such attack that is called an amplification attack.

Question 11

What best describes a DoS attack?

attempts to consume all of a critical computer or network resource in order to make it
unavailable for valid use

poses as legitimate software or email attachment in order to launch a malicious attack when
opened

can steal data such as user names and passwords without the user realizing that they have been
compromised

rarely seen because DoS attacks are extremely difficult to engineer and almost impossible to
deliver

Question 12

What type of attack occurs when the attacker spoofs the IP address of the victim, sending a
continuous stream of small requests, which produce a continuous stream of much larger replies
that are to be sent to the victim's IP address?

reflection attack

amplification attack

MITM attack

Trojan virus

Question 13

What type of attack occurs when an attacker sends a flood of protocol request packets to various
IP hosts and the attacker spoofs the source IP address of the packets, such that each packet has
the IP address of the intended target rather than the IP address of the attacker as its source
address?

reflection attack

amplification attack

MITM attack

Trojan virus

ARP

Question 14

What type of spoofing attack uses fake source IP addresses that are different from the real IP
addresses?

MAC spoofing

IP spoofing

application spoofing

name spoofing

Question 15

What three attacks are initiated by a rogue DHCP server? (Choose three.)

Trojan virus

DHCP starvation

DoS

TCP SYN flood

MITM

Question 16

A ping attack that exploits the broadcast IP address in a subnet is referred to as what type of
attack?

red rat

fraggle

smurf

SYN flood

firewalk

Question 17

Which protocol helps you determine how many hops away a network is and can be exploited by
an attacker?

ICMP

traceroute

ping

TCP

Question 18

Which part of the UDP header would attackers replace if they change the data payload to
prevent the receiver from identifying the change?

source port

destination port

UDP length

UDP port

UDP checksum

OLD: Question 19

Question 10

What best describes a brute-force attack?

breaking and entering into a physical building or network closet

an attacker's attempt to decode a cipher by attempting each possible key combination to find
the correct one

a rogue DHCP server that is posing as a legitimate DHCP server on a network segment

an attacker inserting itself between two devices in a communication session and then taking
over the session.

If an attacker sends a UDP message with the DF (Do Not Fragment) bit set to a target host and
gets a response with the ToS byte set to 0xC0, what information could the attacker have
obtained?

The device is a Cisco IOS device.

The device is running a Windows operating system.

The device is running a Linux operating system.

The device is a wireless access point.
