9781111640125_IM_ch03

Security+ Guide to Network Security Fundamentals

  • No School
  • NONE 0
  • Notes
  • 9
  • 75% (8) 6 out of 8 people found this document helpful

This preview shows page 5 - 7 out of 9 pages.

Answer: True 3. A(n) ____ attack takes advantage of vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories. Answer: directory traversal 4. A(n) ____ occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. Answer: buffer overflow Network Attacks 1. Mention that networks are a good target for attackers since one attack can expose more devices to the attacker. 2. Explain that the most common network attacks include denial of service, interception, poisoning, and attacks on access rights. Denial of Service (DoS) 1. Explain that a denial of service attack attempts to prevent a system from performing its normal functions. 2. Explain the difference between ICMP and SYN flood attacks. 3. Explain the TCP three-way handshake and use Figure 3-9 to discuss the SYN flood attack. Interception 1. Explain that there are two common interception attacks: man-in-the-middle and replay attacks. 2. Explain that man-in-the-middle attacks can be active or passive. In a passive attack, the attacker captures the data that is being transmitted, records it, and then sends it on to the original recipient without their presence being detected. In an active attack, the contents are intercepted and altered before they are sent on to the recipient. 3. Define a simple replay would involve the man-in-the-middle capturing logon credentials between the computer and the server. Poisoning 1. Explain that there are two types of attacks that inject poison into normal network processes: ARP and DNS poisoning.
Image of page 5

Subscribe to view the full document.

Security+ Guide to Network Security Fundamentals, Fourth Edition 3-6 2. Explain that ARP poisoning takes advantage of the ARP cache of systems by flooding the network with false (gratuitous) ARP data packets redirecting legitimate requests to the attacker’s system. Use Table 3-3 to help explain this concept. 3. Define DNS poisoning as an attack that injects false IP addresses into the Domain Name System servers of an organization, causing clients and servers using those server to reach compromised or malicious hosts. 4. Use Figure 3-12 to explain how a DNS poisoning attack occurs. Attacks on Access Rights 1. Explain that the two types of access rights attacks are privilege escalation and transitive access. 2. Explain that privilege escalation is when an attacker exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining. 3. Explain that there are two types of privilege escalation. The first is when a user with a lower privilege uses privilege escalation to access functions reserved for higher- privilege users. The second type of privilege escalation is when a user with restricted privileges accesses the different restricted functions of a similar user. 4. Explain that transitive access is an attack involving using a third party to gain access rights. Quick Quiz 2 1. A(n) ____ attack uses the Internet Control Message Protocol (ICMP), which is a Network Layer protocol that is part of Transmission Control Protocol/Internet Protocol (TCP/IP) to flood a victim with packets.
Image of page 6
Image of page 7
You've reached the end of this preview.
  • '
  • NoProfessor
  • HTTP cookie, Code injection, Network Security Fundamentals

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern