Password and Network Attacks
Security Appliances
VPNs and Surprises
Network Devices and Techniques
Protocol Analyzers, Filtering, and Reconnaissance
100

The process of manipulating others into providing sensitive information.

What is social engineering?

100

Filters applied at each endpoint through software agents that enforce browsing rules locally.

What is agent-based filtering?

100

This security feature has three different types (physical, electronic, and biometric).

What is a lock?

100

Handles traffic between devices on the same network.

What is a switch?

100

Hardware or software used to monitor and analyze digital traffic over a network for troubleshooting or security purposes.

What is a protocol analyzer?

200

An attacker tries every possible password until one works.

What is a brute force attack?

200

A wireless sniffer captures Wi-Fi signals to detect connected devices without alerting them.

What is a passive security control?

200

Detects heat changes from moving objects, often used for motion-triggered alarms or lights.

What is an infrared sensor?

200

Device that monitors and filters network traffic based on security rules.

What is a firewall?

200

Directly probe target systems and networks to collect information, typically generating observable network traffic.

What is active reconnaissance?

300

A user connects to public Wi‑Fi; an attacker on the same network intercepts the traffic and captures the user’s login credentials.

What is an on-path attack?

300

A device that distributes traffic across multiple servers and ensures the system remains available even if one server fails.

What is a load balancer?

300

This individual can use protocol analyzers to modify traffic, check packet data, and troubleshoot issues.

What is a network administrator?

300

A company separates its network so that HR, finance, and engineering each have their own subnet with different access rules, and traffic between them passes through a router with security checks.

What is segmentation?

300

Packet sniffing, eavesdropping, and dumpster diving are examples of what?

What is passive reconnaissance?

400

A user types www.healthbenefits.com, but because an attacker mapped the legitimate domain to a malicious IP in the DNS cache, the attacker can steal data.

What is DNS Client Cache Poisoning?

400

A public-facing network that acts as a buffer between the internet and internal network.

What is a screened subnet?

400

VPN tunneling style that routes only selected traffic through the VPN while other traffic uses the normal internet connection.

What is split tunnel?

400

A device that silently copies network traffic and forwards it to a monitoring system for analysis.

What is a TAP (Test Access Point)?

400

This group can use protocol analyzers to detect credentials being sent in cleartext over the network.

What is the security operations team?

500

The full rainbow table command to crack all passwords in a file.

rcrack . -l /path/to/file.txt

500

A company uses one firewall with three interfaces to separate the internal network, the screened subnet, and the internet instead of using two separate firewalls. What is the name of this device?

What is a dual-homed gateway?

500

This VPN protocol combines tunneling at Layer 2 with IPsec to encrypt data sent through the VPN.

What is Layer 2 Tunneling Protocol (L2TP)?

500

A security technique that keeps connections open but drops data to make attackers believe the target is responding.

What is a tarpit?

500

A network administrator configures a switch to copy all traffic from several ports to one port so a monitoring tool can analyze the data.

What is port mirroring?