The "Foundation Summary" section of each chapter lists the most important facts from the chapter. Although this section does not list every fact from the chapter that will be on your CSI exam, a well-prepared CSI candidate should at a minimum know all the details in each "Foundation Summary" section before taking the exam.
Sophisticated network attacks include the following:
IP spoofing Attackers, whether within a network or outside a network, attempt to gain access to a restricted resource by disguising the IP address of their systems as that of other systems.
Packet sniffer A software application that uses a network adapter card in promiscuous mode. In promiscuous mode, the network adapter card is able to receive all packets on the physical network wire and pass those packets up to an application.
Password attack An attacker captures a user's password to access the system with that user's privilege level.
Man-in-the-middle attack An attacker intercepts packets crossing a network, modifies or falsifies the information in those packets, and then reinjects the modified packets into the network.
Port redirection A form of trust exploitation in which an attacker uses a compromised host to relay traffic passed through an open port on a firewall or in a router's access lists that would normally be denied.
Virus and Trojan-horse applications Viruses are small pieces of mobile code that attach to other programs or documents and can then infect a computer when the program is executed or the document is opened. Trojan horses are applications that appear to be benign but contain potentially malicious code that can be used to attack the system it is run on.