Exam 5: Networking and Server Attacks

Which type of attack below is similar to a passive man-in-the-middle attack?

Securing web applications is easier than protecting other systems.

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:

How is a network-based MITM attack executed?

Which SQL injection statement example below could be used to discover the name of the table?

What are zero-day attacks?

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?

When TCP/IP was developed,the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:

A DNS amplification attack floods an unsuspecting victim by redirecting valid responses to it.

How does a cross-site request forgery (XSRF)attack work?

What directory are the host tables found in the /etc/ directory in UNIX,Linux,and macOS on a Windows system?

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor?

JavaScript cannot create separate stand-alone applications.

Traditional network security devices can block traditional network attacks,but they cannot always block web application attacks.

A SYN flood attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer.

When an attacker promotes themselves as reputable third-party advertisers to distribute their malware through the Web ads,what type attack is being performed?

What criteria must be met for an XXS attack to occur on a specific website?

The exchange of information among DNS servers regarding configured zones is known as:

XSS is like a phishing attack but without needing to trick the user into visiting a malicious website.

The return address is the only element that can be altered in a buffer overflow attack.