Deck 7: Denial-Of-Service Attacks

Flooding attacks take a variety of forms based on which network
protocol is being used to implement the attack.

The SYN spoofing attack targets the table of TCP connections on the
server.

The best defense against being an unwitting participant in a DDoS
attack is to prevent your systems from being compromised.

A SIP flood attack exploits the fact that a single INVITE request
triggers considerable resource consumption.

Given sufficiently privileged access to the network handling code on a
computer system,it is difficult to create packets with a forged source
address.

DoS attacks cause damage or destruction of IT infrastructures.

Reflector and amplifier attacks use compromised systems running the
attacker's programs.

There is very little that can be done to prevent a flash crowd.

SYN-ACK and ACK packets are transported using IP,which is an
unreliable network protocol.

A cyberslam is an application attack that consumes significant
resources,limiting the server's ability to respond to valid requests from
other users.

Slowloris is a form of ICMP flooding.

A DoS attack targeting application resources typically aims to overload
or crash its network handling software.

The source of the attack is explicitly identified in the classic ping flood
attack.

The attacker needs access to a high-volume network connection for a
SYN spoof attack.

The best defense against broadcast amplification attacks is to block the use of _______ broadcasts.

The standard protocol used for call setup in VoIP is the ________ Protocol.

_____ attacks flood the network link to the server with a torrent of malicious packets competing with valid traffic flowing to the server.

______ attacks are a variant of reflector attacks and also involve sending a packet with a spoofed source address for the target system to intermediaries.

Requests and _______ are the two different types of SIP messages.

During a ______ attack,the attacker sends packets to a known service on the intermediary with a spoofed source address of the actual target system and when the intermediary responds,the response is sent to the target.

The four lines of defense against DDoS attacks are: attack prevention and preemption,attack detection and filtering,attack source traceback and identification and _______.

In reflection attacks,the ______ address directs all the packets at the desired target and any responses to the intermediary.

The ICMP echo response packets generated in response to a ping flood using randomly spoofed source addresses is known as _______ traffic.

A _______ flood refers to an attack that bombards Web servers with HTTP requests.

A _____ is an action that prevents or impairs the authorized use of networks,systems,or applications by exhausting resources such as central processing units,memory,bandwidth,and disk space.

To respond successfully to a DoS attack a good ______ plan is needed that includes details of how to contact technical personal for your ISP(s).

Since filtering needs to be done as close to the source as possible by routers or gateways knowing the valid address ranges of incoming packets,an _______ is best placed to ensure that valid source addresses are used in all packets from its customers.

If an organization is dependent on network services it should consider mirroring and ________ these servers over multiple sites with multiple network connections.

A ______ is a graphical puzzle used to attempt to identify legitimate human initiated interactions.