In what type of attack does the attacker infect a website that is often visited by target users?

 A privacy filter [a.k.a. privacy screen] is a protective overlay placed on a computer screen that narrows the viewing angle, so the screen content is only visible directly in front of the monitor and cannot be seen by others nearby. A privacy filter is one of the countermeasures against shoulder surfing.

   True
   False

True

 An email message containing a warning related to a non-existent computer security threat, asking a user to delete system files falsely identified as malware, and/or prompting them to share the message with others would be an example of:

   Vishing
   Impersonation
   Virus hoax
   Phishing

Virus hoax

 Which of the terms listed below refers to a platform used for watering hole attacks?

   Mail gateways
   Websites
   PBX systems
   Web browsers

Websites

 Which social engineering principles apply to the following attack scenario? [Select 3 answers] An attacker impersonates a member of a company's managing staff to manipulate a lower-ranking employee into disclosing confidential data. The attacker informs the victim that the information is essential for a task that needs to be completed within business hours on the same day and mentions potential financial losses for the company in case the victim refuses to comply.

   Urgency
   Familiarity
   Authority
   Consensus
   Intimidation
   Scarcity

Urgency
Authority
Intimidation

 Which social engineering principles apply to the following attack scenario? [Select 3 answers] An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim a private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app.

   Authority
   Intimidation
   Consensus
   Scarcity
   Familiarity
   Trust
   Urgency

Scarcity
Familiarity
Trust

 Which social engineering principle applies to the following attack scenario? While conducting web research to help make a better purchasing decision, a user visits a series of Facebook pages and blogs containing fake reviews and testimonials in favor of a paid app intentionally infected with malware.

   Scarcity
   Authority
   Consensus
   Intimidation
   Urgency

Consensus

 An attempt to flood the bandwidth or resources of a targeted system so that it becomes overwhelmed with false requests and, as a result, does not have the time or resources to handle legitimate requests is called:

   Bluesnarfing
   MITM attack
   Session hijacking
   DoS attack

DoS attack

 As opposed to simple Denial of Service [DoS] attacks, which are usually performed from a single system, a Distributed Denial of Service [DDoS] attack uses multiple compromised computer systems to perform the attack against its target. The intermediary systems that are used as a platform for the attack are the secondary victims of the DDoS attack; they are often referred to as zombies, and collectively as a botnet.

   True
   False

True

 Which of the following attacks relies on intercepting and altering data sent between two networked hosts?

   Zero-day attack
   MITM attack
   Watering hole attack
   Replay attack

MITM attack

Man In The Middle attack:
In cryptography and computer security, a man-in-the-middle attack is an attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

 A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is known as:

   IV attack
   SQL injection
   Buffer overflow
   Fuzz test

Buffer overflow

 Entry fields of web forms lacking input validation are vulnerable to what kind of attacks?

   Replay attacks
   SQL injection attacks
   Brute-force attacks
   Dictionary attacks

SQL injection attacks

 Which of the answers listed below refers to a common target of cross-site scripting [XSS]?

   Physical security
   Alternate sites
   Dynamic web pages
   Removable storage

Dynamic web pages

Cross-site scripting [XSS]:
Cross-site scripting is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

 Cross-site request forgery [CSRF/XSRF] is a security exploit that allows for infecting a website with malicious code. The malicious code, often in the form of JavaScript, can then be sent to the unsuspecting user and executed via the user's web browser application.

   True
   False

False

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF [sometimes pronounced sea-surf] or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts.

 Which type of attack allows for tricking a user into sending unauthorized commands to a web application? [Select 2 answers]

   IRC
   CSRF
   XSS
   XSRF
   CSR

CSRF
XSRF

 Which of the following facilitate[s] privilege escalation attacks? [Select all that apply]

A.   System/application vulnerability
B.   Distributed Denial of Service [DDoS]
C.   Social engineering techniques
D.   Attribute-Based Access Control [ABAC]
E.   System/application misconfiguration

A. System/application vulnerability

C. Social engineering techniques

E. System/application misconfiguration

 An attacker managed to associate his/her MAC address with the IP address of the default gateway. As a result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario?

   ARP poisoning
   Replay attack
   Cross-site request forgery
   DNS poisoning

ARP poisoning

Address Resolution Protocol poisoning [ARP poisoning] is a form of attack in which an attacker forges the Media Access Control [MAC] address mapping on an Ethernet LAN, corrupting the target computer's ARP cache with forged ARP request and reply packets.

 Which of the attack types listed below relies on the amplification effect?

   Zero-day attack
   DDoS attack
   Brute-force attack
   MITM attack

DDoS attack

DEFINITION: DNS amplification attack
Source: //whatis.techtarget.com/definition/DNS-amplification-attack

A DNS amplification attack is a reflection-based distributed denial of service [DDoS] attack.

The attacker spoofs look-up requests to domain name system [DNS] servers to hide the source of the exploit and direct the response to the target. Through various techniques, the attacker turns a small DNS query into a much larger payload directed at the target network.

The attacker sends a DNS look-up request using the spoofed IP address of the target to vulnerable DNS servers. Most commonly, these are DNS servers that support open recursive relay. The original request is often relayed through a botnet for a larger base of attack and further concealment. The DNS request is sent using the EDNS0 extension to the DNS protocol, which allows for large DNS messages. It may also use the DNS security extension [DNSSEC] cryptographic feature to add to the size of the message.

These amplifications can increase the size of the requests from around 40 bytes to above the maximum Ethernet packet size of 4000 bytes. This requires that they be broken down for transmission and then reassembled, consuming further target network resources. A botnet's many amplified requests enable an attacker to direct a large attack with little outgoing bandwidth use. The attack is hard to protect against as it comes from valid-looking servers with valid-looking traffic.

DNS amplification is one of the more popular attack types. In March 2013, the method was used to target Spamhaus, likely by a purveyor of malware whose business the organization had disrupted by blacklisting. The anonymity of the attack was such that Spamhaus is still unsure of the source. Furthermore, the attack was so severe that it temporarily crippled and almost brought down the Internet.

Proposed methods to prevent or mitigate the impact of DNS amplification attacks include rate limiting, blocking either specific DNS servers or all open recursive relay servers, and tightening DNS server security in general.

 Remapping a domain name to a rogue IP address is an example of what kind of exploit?

   DNS poisoning
   Domain hijacking
   ARP poisoning
   URL hijacking

DNS poisoning

 The term "Domain hijacking" refers to a situation in which a domain registrant, due to unlawful actions of third parties, loses control over his/her domain name.

   True
   False

True

 Which of the terms listed below refers to a computer security exploit that takes advantage of vulnerabilities in a user's web browser application?

   MTTR
   MITM
   MTBF
   MITB

MITB

Man In The Browser

 A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is called:

   Xmas attack
   Zero-day attack
   IV attack
   Replay attack

Zero-day attack

 A replay attack occurs when an attacker intercepts user data and tries to use this information later to impersonate the user to obtain unauthorized access to resources on a network.

   True
   False

True

 A technique that allows an attacker to authenticate to a remote server without extracting the cleartext password from its digest, using the digest itself instead of the password credential, is known as:

   Pass the hash
   Replay attack
   Hash collision
   Rainbow table

Pass the hash

 In computer security, the term "Clickjacking" refers to a malicious technique of tricking a user into clicking on something different from what the user thinks they are clicking on.

   True
   False

True

 In a session hijacking attack, a hacker takes advantage of the session ID stored in:

   Key escrow
   Digital signature
   Cookie
   Firmware

Cookie

What is the most common type of attack used on websites?

1. Cross-Site Scripting [XSS]. A recent study by Precise Security found that XSS is the most common cyberattack, making up approximately 40% of all attacks.

What are the four types of attacks?

Attacks can be classified into four broad categories: snooping, modification, masquerading, and denial of service.

What are different types of website attacks?

Types of website attacks:

   DDoS attacks
   SQL injections and cross-site scripting
   Malware attacks

What is a website attack called?

Web defacement is an attack in which malicious parties penetrate a website and replace content on the site with their own messages.