Network Security Fundamentals [Electronic resources] نسخه متنی

What is IP fragmentation offset used for?

Answer: IP fragmentation offset is used to keep track of the different parts of a datagram. It may be necessary to split larger datagrams as they travel from one router to the next router in a small packet network.

Name the method attackers use to replace the IP address of the sender or, in some rare cases, the destination address with a different IP address.

Answer: This method is called IP address spoofing.

What is a covert TCP/IP channel?

Answer: Covert TCP/IP channels are instances in which communication channels are established and data can be secretly passed between two end systems.

The Ping of Death attack is a good example of what type of attack?

Answer: The Ping of Death attack is a good example of the IP fragmentation attack.

What happens during a buffer overflow?

Answer: During a buffer overflow, more data is retrieved than can be stored in a buffer location. The additional information must go into an adjacent buffer, resulting in overwriting the valid data held there.

List the two tasks the attacker must perform during a buffer overflow attack.

Answer:

• The attacker must place dirty code in the program's code address space.

• The attacker codes the privileged program so that it jumps to that particular part of the code.

List two spoofing attacks.

Answer: Two spoofing attacks would be ARP spoofing and DNS spoofing.

During an ARP spoofing attack, does the attacker exploit the hardware address or the IP address of a host?

Answer: The attacker exploits the hardware address of a host.

List two antispoofing measures for an ARP spoofing attack.

Answer: Two antispoofing measures for an ARP spoofing attack are ARP server and static ARP.

There are a number of techniques that can be used in a social engineering attack. List three techniques.A10:

Answer: Three social engineering techniques include reverse social engineering, e-mails and phone calls, and authority abuse.