312-50v11 Practice Test


Page 13 out of 104 Pages

“........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one
offered on the premises, but actually has been set up to eavesdrop on wireless
communications. It is the wireless version of the phishing scam. An attacker fools wireless
users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a
legitimate provider. This type of attack may be used to steal the passwords of
unsuspecting users by either snooping the communication link or by phishing, which
involves setting up a fraudulent web site and luring people there.”
Fill in the blank with appropriate choice.


A. Evil Twin Attack
B. Sinkhole Attack
C. Collision Attack
D. Signal Jamming Attack

Answer: A. Evil Twin Attack



To create a botnet, the attacker can use several techniques to scan vulnerable machines.
The attacker first collects information about a large number of vulnerable machines to
create a list. Subsequently, they infect the machines. The list is divided by assigning half of
the list to the newly compromised machines. The scanning process runs simultaneously.
This technique ensures the spreading and installation of malicious code in little time.
Which technique is discussed here?

A. Hit-list-scanning technique
B. Topological scanning technique
C. Subnet scanning technique
D. Permutation scanning technique





Answer: A. Hit-list-scanning technique



Explanation:
One of the biggest problems a worm faces in achieving a very fast rate of infection is
"getting off the ground." Although a worm spreads exponentially throughout the early stages
of infection, the time needed to infect, say, the first 10,000 hosts dominates the infection
time.

There is a straightforward way for an active worm to overcome this obstacle, which we term
hit-list scanning. Before the worm is released, the worm author collects a list of, say, 10,000 to
50,000 potentially vulnerable machines, ideally ones with good network connections.
The worm, when released onto an initial machine on this hit-list, begins scanning down the
list. Once it infects a machine, it divides the hit-list in half, communicating half to the
recipient worm and keeping the other half.

This fast division ensures that even if only 10-20% of the machines on the hit-list are
actually vulnerable, an active worm can quickly go through the hit-list and establish itself on all
vulnerable machines in only a few seconds. Though the hit-list could begin at 200 kilobytes,
it quickly shrinks to nothing during the partitioning. This provides a great benefit in
constructing a fast worm by speeding the initial infection.

The hit-list needn't be perfect: a simple list of machines running a particular server type
could serve, though greater accuracy will improve the spread. The hit-list itself is generated
using one or several of the following techniques, prepared well in advance, typically with very
little fear of detection.

Stealthy scans. Portscans are so common and so widely ignored that even a fast
scan of the whole Internet would be unlikely to attract law enforcement attention or more
than mild comment within the incident response community. However, for attackers who
wish to be particularly careful, a randomised stealthy scan taking many months
would be very unlikely to attract much attention, as most intrusion detection
systems are not currently capable of detecting such low-profile scans. Some
portion of the scan would be out of date by the time it was used, but
much of it would not.

Distributed scanning. An attacker might scan the Internet using a few dozen to a few
thousand already-compromised "zombies," similar to what DDoS attackers
assemble in a fairly routine fashion. Such distributed scanning has already
been seen in the wild: Lawrence Berkeley National Laboratory received ten
during the past year.

DNS searches. Assemble a list of domains (for example, by using widely available
spam mail lists, or trawling the address registries). The DNS can then be searched
for the IP addresses of mail servers (via MX records) or web servers (by
looking for www.domain.com).

Spiders. For web server worms (like Code Red), use Web-crawling techniques
similar to those of search engines in order to produce a list of most Internet-connected web
sites. This would be unlikely to attract serious attention.

Public surveys. For many potential targets there may be surveys available listing
them, such as the Netcraft survey.

Just listen. Some applications, like peer-to-peer networks, wind up advertising
many of their servers. Similarly, many previous worms effectively broadcast that
the infected machine is vulnerable to further attack. For example, because of its
widespread scanning, during the Code Red I infection it was easy to pick up the
addresses of upwards of 300,000 vulnerable IIS servers, because each came
knocking on everyone's door.

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command would you use?


A. wireshark --fetch ''192.168.8*''
B. wireshark --capture --local masked 192.168.8.0 ---range 24
C. tshark -net 192.255.255.255 mask 192.168.8.0
D. sudo tshark -f "net 192.168.8.0/24"

Answer: D. sudo tshark -f "net 192.168.8.0/24"



Which file is a rich target to discover the structure of a website during web-server
footprinting?


A. Document root
B. Robots.txt
C. domain.oct
D. index.html

Answer: A. Document root



Explanation: The document root is a directory (a folder) that is stored on your host’s
servers and that is designated for holding web pages. When someone else looks at your
web site, this is the location they will be accessing.
In order for a website to be accessible to visitors, it must be published to the correct
directory, the “document root.”
You might think that there would only be one directory in your space on your host’s servers,
but often hosts provide services beyond just publishing a website. In this case, they are
likely to set up every account with several directories, since each service would require its
own.

Let's imagine three companies (A, B and C), all competing in a challenging global
environment. Company A and B are working together in developing a product that will
generate a major competitive advantage for them. Company A has a secure DNS server
while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the
DNS server of company B, company C gains access to outgoing e-mails from company B.
How do you prevent DNS spoofing?


A. Install DNS logger and track vulnerable packets
B. Disable DNS timeouts
C. Install DNS Anti-spoofing
D. Disable DNS Zone Transfer

Answer: C. Install DNS Anti-spoofing



