CS6262 Final Exam WITH |\ |\ |\ |\
CORRECT ANSWERS |\
Random Scanning - CORRECT ANSWERS ✔✔Each comprised
|\ |\ |\ |\ |\ |\ |\
computer probes random addresses
|\ |\ |\
Permutation Scanning - CORRECT ANSWERS ✔✔All comprised
|\ |\ |\ |\ |\ |\ |\
computers share a common psuedo-random permutation of the IP
|\ |\ |\ |\ |\ |\ |\ |\ |\
address space |\
Signpost Scanning - CORRECT ANSWERS ✔✔Uses the
|\ |\ |\ |\ |\ |\ |\
communication patterns of the comprised computer to find a new
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target
Hit List Scanning - CORRECT ANSWERS ✔✔A portion of a list of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
targets is supplied to a comprised computer
|\ |\ |\ |\ |\ |\
Subnet Spoofing - CORRECT ANSWERS ✔✔Generate random
|\ |\ |\ |\ |\ |\ |\
addresses within a given address space
|\ |\ |\ |\ |\
Random Sppofing - CORRECT ANSWERS ✔✔Generate 32-bit
|\ |\ |\ |\ |\ |\ |\
numbers and stamp packets with them
|\ |\ |\ |\ |\
,Fixed Spoofing - CORRECT ANSWERS ✔✔The spoofed address is
|\ |\ |\ |\ |\ |\ |\ |\ |\
the address of the target
|\ |\ |\ |\
Server Application - CORRECT ANSWERS ✔✔The attack is
|\ |\ |\ |\ |\ |\ |\ |\
targeted to a specific application on a server
|\ |\ |\ |\ |\ |\ |\
Network Access - CORRECT ANSWERS ✔✔The attack is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
overload or crash the communication mechanism of a network
|\ |\ |\ |\ |\ |\ |\ |\
Infrastructure - CORRECT ANSWERS ✔✔The motivation of this |\ |\ |\ |\ |\ |\ |\ |\
attack is a crucial service of a global internet operation, for example
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
core router
|\
DoS Bug (Amplification Attack) - CORRECT ANSWERS ✔✔Design
|\ |\ |\ |\ |\ |\ |\
flaw allowing one machine to disrupt a service
|\ |\ |\ |\ |\ |\ |\ |\
DoS Flood (Amplification Attack) - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\
✔✔Command botnets to generate flood of requests |\ |\ |\ |\ |\ |\
UDP-based NTP - CORRECT ANSWERS ✔✔-Particularly |\ |\ |\ |\ |\ |\
vulnerable to amplification attacks |\ |\ |\
-Small command can generate a large response
|\ |\ |\ |\ |\ |\
, -Vulnerable to source IP spoofing |\ |\ |\ |\
-Difficult to ensure computers only communicate with legitimate
|\ |\ |\ |\ |\ |\ |\ |\
NTP servers |\
IP Header Format - CORRECT ANSWERS ✔✔-Connectionless
|\ |\ |\ |\ |\ |\
-Unreliable
-No authentication
|\
SYN Flood - CORRECT ANSWERS ✔✔A type of DoS where an
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attacker sends a large amount of SYN request packets to a server in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
an attempt to deny service.
|\ |\ |\ |\
SYN Flood Mitigations - CORRECT ANSWERS ✔✔Syn Cookies -
|\ |\ |\ |\ |\ |\ |\ |\ |\
remove state from server, but incur performance overhead
|\ |\ |\ |\ |\ |\ |\
Crowdturfers - CORRECT ANSWERS ✔✔- Crowdsource to create, |\ |\ |\ |\ |\ |\ |\ |\
verify, and manage fake accounts
|\ |\ |\ |\
- Solve CAPTCHAs
|\ |\
Penetration Testing - CORRECT ANSWERS ✔✔Footprinting, |\ |\ |\ |\ |\ |\
Scanning, Enumeration, Gaining Access, Escalating Privileged,
|\ |\ |\ |\ |\ |\
Pilfering (steal data), Covering Tracks, Creating Backdoors
|\ |\ |\ |\ |\ |\
CORRECT ANSWERS |\
Random Scanning - CORRECT ANSWERS ✔✔Each comprised
|\ |\ |\ |\ |\ |\ |\
computer probes random addresses
|\ |\ |\
Permutation Scanning - CORRECT ANSWERS ✔✔All comprised
|\ |\ |\ |\ |\ |\ |\
computers share a common psuedo-random permutation of the IP
|\ |\ |\ |\ |\ |\ |\ |\ |\
address space |\
Signpost Scanning - CORRECT ANSWERS ✔✔Uses the
|\ |\ |\ |\ |\ |\ |\
communication patterns of the comprised computer to find a new
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
target
Hit List Scanning - CORRECT ANSWERS ✔✔A portion of a list of
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
targets is supplied to a comprised computer
|\ |\ |\ |\ |\ |\
Subnet Spoofing - CORRECT ANSWERS ✔✔Generate random
|\ |\ |\ |\ |\ |\ |\
addresses within a given address space
|\ |\ |\ |\ |\
Random Sppofing - CORRECT ANSWERS ✔✔Generate 32-bit
|\ |\ |\ |\ |\ |\ |\
numbers and stamp packets with them
|\ |\ |\ |\ |\
,Fixed Spoofing - CORRECT ANSWERS ✔✔The spoofed address is
|\ |\ |\ |\ |\ |\ |\ |\ |\
the address of the target
|\ |\ |\ |\
Server Application - CORRECT ANSWERS ✔✔The attack is
|\ |\ |\ |\ |\ |\ |\ |\
targeted to a specific application on a server
|\ |\ |\ |\ |\ |\ |\
Network Access - CORRECT ANSWERS ✔✔The attack is used to
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\
overload or crash the communication mechanism of a network
|\ |\ |\ |\ |\ |\ |\ |\
Infrastructure - CORRECT ANSWERS ✔✔The motivation of this |\ |\ |\ |\ |\ |\ |\ |\
attack is a crucial service of a global internet operation, for example
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
core router
|\
DoS Bug (Amplification Attack) - CORRECT ANSWERS ✔✔Design
|\ |\ |\ |\ |\ |\ |\
flaw allowing one machine to disrupt a service
|\ |\ |\ |\ |\ |\ |\ |\
DoS Flood (Amplification Attack) - CORRECT ANSWERS
|\ |\ |\ |\ |\ |\ |\
✔✔Command botnets to generate flood of requests |\ |\ |\ |\ |\ |\
UDP-based NTP - CORRECT ANSWERS ✔✔-Particularly |\ |\ |\ |\ |\ |\
vulnerable to amplification attacks |\ |\ |\
-Small command can generate a large response
|\ |\ |\ |\ |\ |\
, -Vulnerable to source IP spoofing |\ |\ |\ |\
-Difficult to ensure computers only communicate with legitimate
|\ |\ |\ |\ |\ |\ |\ |\
NTP servers |\
IP Header Format - CORRECT ANSWERS ✔✔-Connectionless
|\ |\ |\ |\ |\ |\
-Unreliable
-No authentication
|\
SYN Flood - CORRECT ANSWERS ✔✔A type of DoS where an
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
attacker sends a large amount of SYN request packets to a server in
|\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\ |\
an attempt to deny service.
|\ |\ |\ |\
SYN Flood Mitigations - CORRECT ANSWERS ✔✔Syn Cookies -
|\ |\ |\ |\ |\ |\ |\ |\ |\
remove state from server, but incur performance overhead
|\ |\ |\ |\ |\ |\ |\
Crowdturfers - CORRECT ANSWERS ✔✔- Crowdsource to create, |\ |\ |\ |\ |\ |\ |\ |\
verify, and manage fake accounts
|\ |\ |\ |\
- Solve CAPTCHAs
|\ |\
Penetration Testing - CORRECT ANSWERS ✔✔Footprinting, |\ |\ |\ |\ |\ |\
Scanning, Enumeration, Gaining Access, Escalating Privileged,
|\ |\ |\ |\ |\ |\
Pilfering (steal data), Covering Tracks, Creating Backdoors
|\ |\ |\ |\ |\ |\
