21. Fill in the blank: The maximum size of a correctly formatted IPv4 ICMP packet is _____, as opposed to the oversized packet that is sent during a Ping of Death attack.

  • 32KB
  • 64TB
  • 15Gb
  • 64KB

22. Fill in the blank: To reduce the chances of an IP spoofing attack, a security analyst can configure a _____ to reject all incoming traffic with the same source IP addresses as those owned by the organization.

  • VPN
  • HTTPS domain address
  • firewall
  • demilitarized zone

23. Which of the following statements accurately describe Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks? Select three answers.

  • A DoS attack may use multiple servers in different locations to flood the target network with unwanted traffic.
  • A DDoS attack is intended to overwhelm the target server.
  • A DoS attack may involve flooding a network with traffic.
  • In both DoS and DDoS attacks, if any part of the network is overloaded, the attacks are successful.

24. Which of the following statements correctly describe passive and active packet sniffing? Select three answers.

  • A company can avoid using unprotected Wi-Fi to help protect itself from packet sniffing. 
  • Passive packet sniffing allows malicious actors to view the information going in and out of the targeted device. 
  • Passive packet sniffing enables attackers to change the information a packet contains.
  • Active packet sniffing may enable attackers to redirect the packets to unintended ports.

25. As a security professional, you implement safeguards against attackers changing the source IP of a data packet in order to communicate over your company’s network. What type of network attack are you trying to avoid?

  • Passive packet sniffing
  • Ping of Death
  • Active packet sniffing
  • IP spoofing

26. What do network-level Denial of Service (DoS) attacks target?

  • Commonly used software applications
  • All hardware within an organization
  • Network bandwidth
  • The personal information of employees

27. Fill in the blank: The DoS attack _____ occurs when an attacker repeatedly sends ICMP packets to a network server.

  • on-path
  • smurf
  • SYN flood
  • ICMP flood

28. As a security professional, you take steps to stop an attacker from changing the source IP of a data packet in order to impersonate your authorized system. What type of network attack are you working to prevent?

  • Ping of Death
  • IP spoofing
  • Passive packet sniffing
  • Active packet sniffing

29. What are some common IP spoofing attacks? Select all that apply.

  • on-path attacks
  • replay attacks
  • smurf attacks
  • KRACK attacks

30. In which attack would malicious actors gain access to a network, put themselves between a web browser and a web server, then sniff the packet to learn the devices’ IP and MAC addresses?

  • Smurf attack
  • On-path attack
  • Packet flooding attack
  • Malware attack

Leave a Reply