4.4.2 Attacking What We Do Quiz Answers
1. Which action best describes a MAC address spoofing attack?
- altering the MAC address of an attacking host to match that of a legitimate host
- bombarding a switch with fake source MAC addresses
- forcing the election of a rogue root bridge
- flooding the LAN with excessive traffic
2. What is an objective of a DHCP spoofing attack?
- to gain illegal access to a DHCP server and modify its configuration
- to attack a DHCP server and make it unable to provide valid IP addresses to DHCP clients
- to intercept DHCP messages and alter the information before sending to DHCP clients
- to provide false DNS server addresses to DHCP clients so that visits to a legitimate web server are directed to a fake server
3. What is the primary means for mitigating virus and Trojan horse attacks?
- antivirus software
- antisniffer software
- blocking ICMP echo and echo-replies
4. What method can be used to mitigate ping sweeps?
- blocking ICMP echo and echo-replies at the network edge
- deploying antisniffer software on all network devices
- using encrypted or hashed authentication protocols
- installing antivirus software on hosts
5. What worm mitigation phase involves actively disinfecting infected systems?
6. What is the result of a DHCP starvation attack?
- Legitimate clients are unable to lease IP addresses.
- Clients receive IP address assignments from a rogue DHCP server.
- The attacker provides incorrect DNS and default gateway information to clients.
- The IP addresses assigned to legitimate clients are hijacked.
7. Which term is used for bulk advertising emails flooded to as many end users as possible?
- Brute force
8. Which type of DNS attack involves the cybercriminal compromising a parent domain and creating multiple subdomains to be used during the attacks?
- cache poisoning
- amplification and reflection
9. Which protocol would be the target of a cushioning attack?
10. Which language is used to query a relational database?
11. Which two attacks target web servers through exploiting possible vulnerabilities of input functions used by an application? (Choose two.)
- SQL injection
- port scanning
- port redirection
- trust exploitation
- cross-site scripting
12. In which type of attack is falsified information used to redirect users to malicious Internet sites?
- DNS cache poisoning
- ARP cache poisoning
- DNS amplification and reflection
- domain generation
13. What is a characteristic of a DNS amplification and reflection attack?
- Threat actors use DNS open resolvers to increase the volume of attacks and to hide the true source of an attack.
- Threat actors use a DoS attack that consumes the resources of the DNS open resolvers.
- Threat actors hide their phishing and malware delivery sites behind a quickly-changing network of compromised DNS hosts.
- Threat actors use malware to randomly generate domain names to act as rendezvous points.