16.2.6 Check Your Understanding – IP Vulnerabilities and Threats Answers

1. Which attack is being used when threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication?

  • Address Spoofing Attack
  • Amplification and Reflection Attacks
  • ICMP Attack
  • MiTM Attack
  • Session Hijacking

Explanation: An MiTM attack is when threat actors position themselves between a source and destination to transparently monitor, capture, and control the communication.

2. Which attack is being used when threat actors gain access to the physical network, and then use an MiTM attack to capture and manipulate a legitimate user’s traffic?

  • Address Spoofing Attack
  • Amplification and Reflection Attacks
  • ICMP Attack
  • MiTM Attack
  • Session Hijacking

Explanation: A session hijacking attack is when threat actors gain access to the physical network, and then use an MiTM attack to capture and manipulate traffic, hijacking a legitimate user’s session.

3. Which attack is being used when threat actors initiate a simultaneous, coordinated attack from multiple source machines?

  • Address Spoofing Attack
  • Amplification and Reflection Attacks
  • ICMP Attack
  • MiTM Attack
  • Session Hijacking

Explanation: In an amplification attack, the threat actor forwards ICMP echo request messages to many hosts. These messages contain the source IP address of the victim. All of these hosts then reply to the spoofed IP address of the victim to overwhelm it, creating a reflection attack.

4. Which attack is being used when threat actors use pings to discover subnets and hosts on a protected network, to generate flood attacks, and to alter host routing tables?

  • Address Spoofing Attack
  • Amplification and Reflection Attacks
  • ICMP Attack
  • MiTM Attack
  • Session Hijacking

Explanation: In ICMP attacks, threat actors use pings to discover subnets and hosts on a protected network, to generate flood attacks, and to alter host routing tables,

5. Which attack being used is when a threat actor creates packets with false source IP address information to either hide the identity of the sender, or to pose as another legitimate user?

  • Address Spoofing Attack
  • Amplification and Reflection Attacks
  • ICMP Attack
  • MiTM Attack
  • Session Hijacking

Explanation: An example of an address spoofing attack is when a threat actor creates packets with false source IP address information to either hide the identity of the sender, or to pose as another legitimate user. The threat actor can then gain access to otherwise inaccessible data or circumvent security configurations.

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments