Deck 7: Denial-Of-Service Attacks

A SIP flood attack exploits the fact that a single INVITE request
triggers considerable resource consumption.

The best defense against being an unwitting participant in a DDoS
attack is to prevent your systems from being compromised.

Flooding attacks take a variety of forms based on which network
protocol is being used to implement the attack.

There is very little that can be done to prevent a flash crowd.

The attacker needs access to a high-volume network connection for a
SYN spoof attack.

A denial-of-service attack is an attempt to compromise availability by
hindering or blocking completely the provision of some service.

SYN-ACK and ACK packets are transported using IP,which is an
unreliable network protocol.

Given sufficiently privileged access to the network handling code on a
computer system,it is difficult to create packets with a forged source
address.

A cyberslam is an application attack that consumes significant
resources,limiting the server's ability to respond to valid requests from
other users.

A DoS attack targeting application resources typically aims to overload
or crash its network handling software.

Reflector and amplifier attacks use compromised systems running the
attacker's programs.

The SYN spoofing attack targets the table of TCP connections on the
server.

Slowloris is a form of ICMP flooding.

DoS attacks cause damage or destruction of IT infrastructures.

The standard protocol used for call setup in VoIP is the ________ Protocol.

The ICMP echo response packets generated in response to a ping flood using randomly spoofed source addresses is known as _______ traffic.

______ attacks are a variant of reflector attacks and also involve sending a packet with a spoofed source address for the target system to intermediaries.

During a ______ attack,the attacker sends packets to a known service on the intermediary with a spoofed source address of the actual target system and when the intermediary responds,the response is sent to the target.

The four lines of defense against DDoS attacks are: attack prevention and preemption,attack detection and filtering,attack source traceback and identification and _______.

_____ attacks flood the network link to the server with a torrent of malicious packets competing with valid traffic flowing to the server.

Requests and _______ are the two different types of SIP messages.

The best defense against broadcast amplification attacks is to block the use of _______ broadcasts.

In reflection attacks,the ______ address directs all the packets at the desired target and any responses to the intermediary.

A _______ flood refers to an attack that bombards Web servers with HTTP requests.

If an organization is dependent on network services it should consider mirroring and ________ these servers over multiple sites with multiple network connections.

A _____ is an action that prevents or impairs the authorized use of networks,systems,or applications by exhausting resources such as central processing units,memory,bandwidth,and disk space.

A ______ is a graphical puzzle used to attempt to identify legitimate human initiated interactions.

Since filtering needs to be done as close to the source as possible by routers or gateways knowing the valid address ranges of incoming packets,an _______ is best placed to ensure that valid source addresses are used in all packets from its customers.

To respond successfully to a DoS attack a good ______ plan is needed that includes details of how to contact technical personal for your ISP(s).