Question 1

Which defensive technique involves the server sending a wrong SYN+ACK to the client,so the client sends and RST packet notifying the server of an error? This makes the server think the client request is legitimate.

A)Stack tweaking
B)RST cookies
C)SYN cookies
D)None of the above

B

Accepted Answer

RST cookies involve the server sending an incorrect SYN+ACK response to the client. When the client receives this incorrect response, it sends an RST packet back to the server, indicating an error. This process helps in distinguishing between legitimate clients and attackers, as only legitimate clients would know to respond with an RST packet to the incorrect SYN+ACK, thereby reducing the effectiveness of SYN flood attacks.

Question 2

Stack tweaking is a method to alter the TCP stack so that a timeout takes less time when a SYN connection is left incomplete.

Accepted Answer

Stack tweaking involves adjusting the settings of the TCP stack, including the behavior during connection establishment. By modifying parameters such as the SYN retry count or the timeout values, it's possible to reduce the time the system waits before considering a SYN connection attempt as failed, thus making the stack more responsive to incomplete connection attempts.

Question 3

Which defensive technique involves altering the TCP stack on the server so that it will take less time to timeout when a SYN connection is left incomplete?&#10;A)Stack tweaking&#10;B)RST cookies&#10;C)SYN cookies&#10;D)None of the above

Accepted Answer

Stack tweaking involves adjusting the settings of the TCP stack, such as reducing the timeout period for incomplete SYN connections, to improve the server's resilience against certain types of attacks, like SYN flood attacks.

Question 4

The command-line command _______ 127.0.0.1 -l 65000 -w 0 -t will send multiple large packets to a computer,and when initiated by multiple senders may cause a denial-of-service attack.&#10;A)dos&#10;B)ddos&#10;C)tfn&#10;D)None of the above

Accepted Answer

The command described does not directly correspond to a specific named command like "dos," "ddos," or "tfn." Instead, it seems to describe the behavior of sending large packets to a computer, potentially for a denial-of-service attack, but no specific command named "dos," "ddos," or "tfn" inherently performs this action as described. The actual command or tool to perform such an action would typically be something like "ping" or a specialized tool like "hping3," but these are not listed among the options.

Question 5

A smurf attack is a type of malware attack.

Accepted Answer

A smurf attack is a type of distributed denial-of-service (DDoS) attack that floods a targeted system with Internet Control Message Protocol (ICMP) packets, not a type of malware.

Question 6

The command-line command to instruct the ping utility to send packets until explicitly told to stop is ping ____.&#10;A)-s&#10;B)-t&#10;C)-u&#10;D)None of the above

Accepted Answer

The correct option is B) -t. This option is used with the ping command on Windows to ping the target host until stopped manually by the user, typically by using Ctrl+C.

Question 7

The command-line command to display all options for the ping command is ping ____.&#10;A)-h&#10;B)-i&#10;C)-j&#10;D)none of the above

Accepted Answer

The -h option displays the help menu for the ping command, which includes a list of all available options.

Question 8

Which type of attack attempts to overload the system with requests,denying legitimate users access?&#10;A)Denial of service&#10;B)ip spoofing&#10;C)Phishing&#10;D)None of the above

Accepted Answer

A Denial of Service (DoS) attack aims to make a system or network resource unavailable to its intended users by overwhelming it with a flood of requests. This prevents legitimate users from accessing the service.

Question 9

Micro blocks,SYN cookies,RST cookies,and stack tweaking are defenses against ______.&#10;A)TCP SYN flood attacks&#10;B)Phishing&#10;C)Viruses&#10;D)None of the above

Accepted Answer

Micro blocks, SYN cookies, RST cookies, and stack tweaking are specific techniques used to mitigate TCP SYN flood attacks, which is a type of Denial of Service (DoS) attack.

Question 10

A firewall can be configured to disallow certain types of incoming traffic that may be attacking.

Accepted Answer

Firewalls are designed to filter incoming and outgoing network traffic based on an organization's previously determined security policies. By doing so, they can block specific types of traffic, including potential attacks, from reaching the network's internal resources.

Question 11

An echo-chargen attack occurs when the attacker sends a forged packet with the same source IP address and destination IP address as the target's IP address.

Accepted Answer

The answer of An echo-chargen attack occurs when the attacker...

Question 12

Which attack involves sending an ICMP packet to the broadcast address so that it is then sent to the spoofed source address,causing the network to perform a DoS attack on one of more of its member servers?

A)Stack tweaking
B)RST cookies
C)Smurf IP attack
D)None of the above

Accepted Answer

The answer of Which attack involves sending an ICMP packet...

Question 13

One tool used for a denial-of-service attack is ______________.&#10;A)Linux&#10;B)Tribal Flood Network&#10;C)UDP&#10;D)None of the above

Accepted Answer

The answer of One tool used for a denial-of-service attack...

Question 14

The ping -l option changes the size of the packet you can send.

Accepted Answer

The answer of The ping -l option changes the size...

Question 15

_________ attacks are becoming less common in modern operating systems.&#10;A)Denial of service&#10;B)SYN flood&#10;C)Buffer overflow&#10;D)None of the above.

Accepted Answer

The answer of _________ attacks are becoming less common in...

Question 16

A teardrop attack involves sending a forged packet to the victim.

Accepted Answer

The answer of A teardrop attack involves sending a forged...

Question 17

Blocking ICMP packets may help prevent denial-of-service attacks.

Accepted Answer

The answer of Blocking ICMP packets may help prevent denial-of-service...

Question 18

The group Anonymous is a supporter of Wikileaks founder Julian Assange and launched multiple distributed denial-of-service attacks on various financial companies.

Accepted Answer

The answer of The group Anonymous is a supporter of...

Question 19

A denial-of-service attack is one of the most common attacks on a system.

Accepted Answer

The answer of A denial-of-service attack is one of the...

Question 20

SYN cookies are a form of attack.

Accepted Answer

The answer of SYN cookies are a form of attack....

Question 21

The attack in which the attacker sends a fragmented message that the victim cannot reconstruct is a(n)________ attack.&#10;A)Teardrop&#10;B)Land&#10;C)myDoom&#10;D)echo-chargen

Accepted Answer

The answer of The attack in which the attacker sends...

Question 22

One classic denial-of-service attack distributed by email was _____________.&#10;A)myDoom&#10;B)Linux&#10;C)pingflood&#10;D)None of the above

Accepted Answer

The answer of One classic denial-of-service attack distributed by email...

Question 23

The attack in which the attacker sends a forged packet with the same source IP address and destination IP address in which the victim may be tricked into sending messages to and from itself is a(n)_______________ attack.

A)Teardrop
B)Land
C)myDoom
D)echo-chargen

Accepted Answer

The answer of The attack in which the attacker sends...

Question 24

The attack in which the attacker sends a forged packet with the same source IP address and destination IP address in which the victim may be tricked into sending messages to and from itself is a(n)_______________ attack.

A)Teardrop
B)Land
C)myDoom
D)echo-chargen

Accepted Answer

The answer of The attack in which the attacker sends...

Question 25

One defense against denial-of-service attacks is to _______ ICMP packets.&#10;A)Block&#10;B)Convert&#10;C)Permit&#10;D)Modify

Accepted Answer

The answer of One defense against denial-of-service attacks is to...

Deck 4: Denial of Service Attacks