connect and protect networks and network security coursera weekly challenge 3 answers
Test your knowledge: Secure networks against Denial of Service (DoS) attacks
1. What type of attack uses multiple devices or servers in different locations to flood the target network with unwanted traffic?
- Phishing attack
- Tailgating attack
- Denial of Service (DoS) attack
- Distributed Denial of Service (DDoS) attack
2. What type of attack poses as a TCP connection and floods a server with packets simulating the first step of the TCP handshake?
- SYN flood attack
- ICMP flood
- On-path attack
- SYN-ACK flood attack
3. Fill in the blank: The Denial of Service (DoS) attack _____ is caused when a hacker sends a system an ICMP packet that is bigger than 64KB.
- On-path
- SYN flood
- Ping of Death
- ICMP flood
4. Which types of attacks take advantage of communication protocols by sending an overwhelming number of requests to a server? Select all that apply.
- DDoS attack
- ICMP flood attack
- SYN flood attack
- TCP connection attack
Test your knowledge: Network interception attack tactics
5. Passive packet sniffing involves data packets being manipulated while in transit, which may include injecting internet protocols to redirect the packets to unintended ports or changing the information the packet contains.
- True
- False
6. Fill in the blank: A security analyst can protect against malicious packet sniffing by _____ to encrypt data as it travels across a network.
- using only websites with HTTP at the beginning of their domain addresses
- using a VPN
- using a network hub
- using free public Wi-Fi
7. Which type of attack involves an attacker changing the source IP of a data packet to impersonate an authorized system and gain access to the network?
- Replay attack
- IP spoofing
- On-path attack
- Ping of death
8. Which of the following statements accurately describes a smurf attack?
- A DoS attack that is caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than the maximum size
- A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with packets
- A network attack performed when an attacker intercepts a data packet in transit and delays it or repeats it at another time
- A DoS attack performed by an attacker repeatedly sending ICMP packets to a network server
Weekly challenge 3
9. What happens during a Denial of Service (DoS) attack?
- The target crashes and normal business operations cannot continue.
- The data packets containing valuable information are stolen as they travel across the network.
- The attacker successfully impersonates an authorized user and gains access to the network.
- The network is infected with malware.
10. Which of the following statements accurately describe Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks? Select three answers.
- In both DoS and DDoS attacks, every part of the network must be overloaded for the attacks to be successful.
- A DDoS attack involves multiple hosts carrying out the attack.
- A DoS attack involves one host conducting the attack.
- A network device experiencing a DoS attack is unable to respond to legitimate users.
11. A security manager is training their team to identify when a server has experienced a SYN-flood attack. What might indicate to the team members that their organization is at risk?
- The port numbers in the data packets are incorrect.
- A large number of ICMP packets are delivered to the organization’s servers.
- An oversized ICMP packet is sent to the network server.
- The server has stopped responding after receiving an unusually high number of incoming SYN packets.
12. Fill in the blank: The DoS attack _____ occurs when a malicious actor sends an oversized ICMP packet to a server.
- smurf
- SYN flood
- Ping of Death
- on-path
13. Which of the following statements correctly describe passive and active packet sniffing? Select three answers.
- Using only websites with HTTPS at the beginning of their domain names provides protection from packet sniffing.
- Passive packet sniffing may enable attackers to change the information a packet contains.
- Active packet sniffing may enable attackers to redirect the packets to unintended ports.
- The purpose of passive packet sniffing is to read data packets while in transit.
14. As a security professional, you research on-path, replay, and smurf attacks in order to implement procedures that will protect your company from these incidents. What type of attack are you learning about?
- Ping of death
- SYN flooding
- Packet sniffing
- IP spoofing
15. Fill in the blank: _____ is a network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.
- A KRACK attack
- A DoS attack
- IP spoofing
- SYN flooding
16. In which attack do malicious actors impersonate a web browser or web server by placing themselves between the two devices, then sniffing the packet information to discover their IP and MAC addresses?
- Packet flooding attack
- On-path attack
- Malware attack
- Smurf attack
17. Fill in the blank: The _____ network attack occurs when a malicious actor takes a network transmission that was sent by an authorized user and repeats it at a later time to impersonate that user.
- SYN flood
- smurf
- on-path
- replay
18. Which combination DoS and IP spoofing attack can bring down an entire network by flooding an authorized user’s IP address with packets?
- On-path attack
- Replay attack
- Ping of Death
- Smurf attack
19. What is the main objective of a Denial of Service (DoS) attack?
- Simulate a TCP connection and flood a server with SYN packets
- Send oversized ICMP packets
- Disrupt normal business operations
- Repeatedly send ICMP packets to a network server
20. A security team discovers that an attacker has taken advantage of the handshake process that is used to establish a TCP connection between a device and their server. Which DoS attack does this scenario describe?
- ICMP flood
- On-path attack
- SYN flood attack
- Ping of Death
21. Fill in the blank: The maximum size of a correctly formatted IPv4 ICMP packet is _____, as opposed to the oversized packet that is sent during a Ping of Death attack.
- 32KB
- 64TB
- 15Gb
- 64KB
22. Fill in the blank: To reduce the chances of an IP spoofing attack, a security analyst can configure a _____ to reject all incoming traffic with the same source IP addresses as those owned by the organization.
- VPN
- HTTPS domain address
- firewall
- demilitarized zone
23. Which of the following statements accurately describe Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks? Select three answers.
- A DoS attack may use multiple servers in different locations to flood the target network with unwanted traffic.
- A DDoS attack is intended to overwhelm the target server.
- A DoS attack may involve flooding a network with traffic.
- In both DoS and DDoS attacks, if any part of the network is overloaded, the attacks are successful.
24. Which of the following statements correctly describe passive and active packet sniffing? Select three answers.
- A company can avoid using unprotected Wi-Fi to help protect itself from packet sniffing.
- Passive packet sniffing allows malicious actors to view the information going in and out of the targeted device.
- Passive packet sniffing enables attackers to change the information a packet contains.
- Active packet sniffing may enable attackers to redirect the packets to unintended ports.
25. As a security professional, you implement safeguards against attackers changing the source IP of a data packet in order to communicate over your company’s network. What type of network attack are you trying to avoid?
- Passive packet sniffing
- Ping of Death
- Active packet sniffing
- IP spoofing
26. What do network-level Denial of Service (DoS) attacks target?
- Commonly used software applications
- All hardware within an organization
- Network bandwidth
- The personal information of employees
27. Fill in the blank: The DoS attack _____ occurs when an attacker repeatedly sends ICMP packets to a network server.
- on-path
- smurf
- SYN flood
- ICMP flood
28. As a security professional, you take steps to stop an attacker from changing the source IP of a data packet in order to impersonate your authorized system. What type of network attack are you working to prevent?
- Ping of Death
- IP spoofing
- Passive packet sniffing
- Active packet sniffing
29. What are some common IP spoofing attacks? Select all that apply.
- on-path attacks
- replay attacks
- smurf attacks
- KRACK attacks
30. In which attack would malicious actors gain access to a network, put themselves between a web browser and a web server, then sniff the packet to learn the devices’ IP and MAC addresses?
- Smurf attack
- On-path attack
- Packet flooding attack
- Malware attack