“........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one
offered on the premises, but actually has been set up to eavesdrop on wireless
communications. It is the wireless version of the phishing scam. An attacker fools wireless
users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a
legitimate provider. This type of attack may be used to steal the passwords of
unsuspecting users by either snooping the communication link or by phishing, which
involves setting up a fraudulent web site and luring people there.”
Fill in the blank with appropriate choice.
A.
Evil Twin Attack
B.
Sinkhole Attack
C.
Collision Attack
D.
Signal Jamming Attack
Evil Twin Attack
To create a botnet, the attacker can use several techniques to scan vulnerable machines. The attacker first collects information about a large number of vulnerable machines to create a list. Subsequently, they infect the machines. The list is divided by assigning half of
the list to the newly compromised machines. The scanning process runs simultaneously.
This technique ensures the spreading and installation of malicious code in little time.
Which technique is discussed here?
A.
Hit-list-scanning technique
B.
Topological scanning technique
C.
Subnet scanning technique
D.
Permutation scanning technique
Hit-list-scanning technique
Explanation:
One of the biggest problems a worm faces in achieving a very fast rate of infection is
“getting off the ground.” Although a worm spreads exponentially throughout the early stages
of infection, the time needed to infect, say, the first 10,000 hosts dominates the infection
time.
There is a straightforward way for an active worm to overcome this obstacle, which we term
hit-list scanning. Before the worm is released, the worm author collects a list of, say, 10,000 to
50,000 potentially vulnerable machines, ideally ones with good network connections.
The worm, when released onto an initial machine on this hit-list, begins scanning down the
list. Once it infects a machine, it divides the hit-list in half, communicating half to the
recipient worm and keeping the other half.
This fast division ensures that even if only 10-20% of the machines on the hit-list are
actually vulnerable, an active worm can quickly go through the hit-list and establish itself on all
vulnerable machines in only a few seconds. Though the hit-list could begin at 200 kilobytes,
it quickly shrinks to nothing during the partitioning. This provides a great benefit in
constructing a fast worm by speeding the initial infection.
The hit-list needn’t be perfect: a simple list of machines running a particular server type
could serve, though greater accuracy will improve the spread. The hit-list itself is generated
using one or several of the following techniques, prepared well in advance, typically with very
little fear of detection.
Stealthy scans. Portscans are so common and so widely ignored that even a quick
scan of the whole Internet would be unlikely to attract law enforcement attention or more
than mild comment within the incident response community. However, for attackers
wishing to be particularly careful, a randomized stealthy scan taking many months
would be very unlikely to attract much attention, as most intrusion detection
systems are not currently capable of detecting such low-profile scans. Some
portion of the scan would be out of date by the time it was used, but
much of it would not.
Distributed scanning. An attacker might scan the Internet using a few dozen to a few
thousand already-compromised “zombies,” similar to what DDoS attackers
assemble in a fairly routine fashion. Such distributed scanning has already
been seen in the wild: Lawrence Berkeley National Laboratory received ten
throughout the past year.
DNS searches. Assemble a list of domains (for example, by using widely available
spam mail lists, or trawling the address registries). The DNS can then be searched
for the IP addresses of mail servers (via MX records) or web servers (by
looking for www.domain.com).
Spiders. For web server worms (like Code Red), use Web-crawling techniques
similar to search engines in order to produce a list of most Internet-connected web
sites. This would be unlikely to attract serious attention.
Public surveys. For many potential targets there may be surveys available listing
them, like the Netcraft survey.
Just listen. Some applications, like peer-to-peer networks, wind up advertising
many of their servers. Similarly, many previous worms effectively broadcast that
the infected machine is vulnerable to further attack. For example, because of its
widespread scanning, during the Code Red I infection it was easy to pick up the
addresses of upwards of 300,000 vulnerable IIS servers, because each came
knocking on everyone’s door.
You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command would you use?
A.
wireshark --fetch "192.168.8*"
B.
wireshark --capture --local masked 192.168.8.0 ---range 24
C.
tshark -net 192.255.255.255 mask 192.168.8.0
D.
sudo tshark -f "net 192.168.8.0/24"
sudo tshark -f "net 192.168.8.0/24"
Which file is a rich target to discover the structure of a website during web-server
footprinting?
A.
Document root
B.
Robots.txt
C.
domain.oct
D.
index.html
Document root
Explanation: The document root is a directory (a folder) that is stored on your host’s
servers and that is designated for holding web pages. When someone else looks at your
web site, this is the location they will be accessing.
In order for a website to be accessible to visitors, it must be published to the correct
directory, the “document root.”
You might think that there would only be one directory in your space on your host’s servers,
but often hosts provide services beyond just publishing a website. In this case, they are
likely to set up every account with several directories, since each service would require its
own.
Let's imagine three companies (A, B and C), all competing in a challenging global
environment. Company A and B are working together in developing a product that will
generate a major competitive advantage for them. Company A has a secure DNS server
while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the
DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?
A.
Install DNS logger and track vulnerable packets
B.
Disable DNS timeouts
C.
Install DNS Anti-spoofing
D.
Disable DNS Zone Transfer
Install DNS Anti-spoofing
In this attack, a victim receives an e-mail claiming to be from PayPal stating that their account
has been disabled and confirmation is required before activation. The attackers then scam
to collect not one but two credit card numbers, ATM PIN number and other personal
details. Ignorant users usually fall prey to this scam.
Which of the following statements is incorrect in relation to this attack?
A.
Do not reply to email messages or popup ads asking for personal or financial
information
B.
Do not trust telephone numbers in e-mails or popup ads
C.
Review credit card and bank account statements regularly
D.
Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks
E.
Do not send credit card numbers, and personal or financial information via e-mail
Antivirus, anti-spyware, and firewall software can very easily detect these types of attacks
A bank stores and processes sensitive privacy information related to home loans. However,
auditing has never been enabled on the system. What is the first step that the bank should
take before enabling the audit feature?
A.
Perform a vulnerability scan of the system.
B.
Determine the impact of enabling the audit feature.
C.
Perform a cost/benefit analysis of the audit feature.
D.
Allocate funds for staffing of audit log review
Determine the impact of enabling the audit feature.
Which of the following describes the characteristics of a Boot Sector Virus?
A.
Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
B.
Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
C.
Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
D.
Overwrites the original MBR and only executes the new virus code.
Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
John, a professional hacker, performs a network attack on a renowned organization and
gains unauthorized access to the target network. He remains in the network without being
detected for a long time and obtains sensitive information without sabotaging the
organization. Which of the following attack techniques is used by John?
A.
Advanced persistent threat
B.
Diversion theft
C.
Spear-phishing sites
D.
Insider threat
Advanced persistent threat
Explanation: An advanced persistent threat (APT) is a broad term used to describe
an attack campaign in which an intruder, or team of intruders, establishes an illicit,
long-term presence on a network in order to mine sensitive data.
The targets of these assaults, which are very carefully chosen and
researched, usually include large enterprises or governmental networks. The
consequences of such intrusions are vast, and include:
Intellectual property theft (e.g., trade secrets or patents)
Compromised sensitive information (e.g., employee and user personal data)
The sabotaging of critical organizational infrastructures (e.g., information deletion)
Total website takeovers
Executing an APT assault requires more resources than a standard web application
attack. The perpetrators are usually teams of experienced cybercriminals having
substantial resources. Some APT attacks are government-funded and used as
cyber warfare weapons.
APT attacks differ from traditional web application threats, in that:
They’re considerably more complex.
They’re not hit and run attacks: once a network is infiltrated, the perpetrator remains in
order to obtain as much information as possible.
They’re manually executed (not automated) against a specific mark and
indiscriminately launched against a large pool of targets.
They often aim to infiltrate an entire network, as opposed to one specific part.
More common attacks, like remote file inclusion (RFI), SQL injection and cross-site
scripting (XSS), are frequently used by perpetrators to establish a
foothold in a targeted network. Next, Trojans and backdoor shells are
often used to expand that foothold and create a persistent presence inside the targeted
perimeter.
What term describes the amount of risk that remains after the vulnerabilities are classified
and the countermeasures have been deployed?
A.
Residual risk
B.
Impact risk
C.
Deferred risk
D.
Inherent risk
Residual risk
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?
A.
Hash value
B.
Private key
C.
Digital signature
D.
Digital certificate
Digital certificate
Clark, a professional hacker, was hired by an organization to gather sensitive information
about its competitors surreptitiously. Clark gathers the server IP address of the target
organization using Whois footprinting. Further, he entered the server IP address as an
input to an online tool to retrieve information such as the network range of the target
organization and to identify the network topology and operating system used in the
network. What is the online tool employed by Clark in the above scenario?
A.
AOL
B.
ARIN
C.
DuckDuckGo
D.
Baidu
DuckDuckGo