Question 1In which of the following techniques does an attacker predict the sequence numbers that a victim host sends to create a connection that appears to originate from the host and then hijacks the communication? 1 pointDNS poisoning Blind hijacking IP spoofing UDP flood attack 2.Question 2In which of the following session hijacking phases does an attacker break the connection to the victim’s machine by knowing the next sequence number (NSN)? 1 pointMonitor Session desynchronization Command injection Session ID prediction

Question 1Which of the following protocols is a TCP/IP-based protocol used to exchange management information between devices connected on a network? 1 pointPOPTelnet HTTP SNMP 2.Question 2Clark, a professional hacker, targeted an organization’s network to steal credentials being shared during active sessions. He collected the physical address of the legitimate users connected to the switch port. Then, Clark started spoofing his physical address with the physical address of a legitimate client and received all the traffic destined for that client.Which of the following attacks has Clark performed in the above scenario? 1 pointDNS poisoning DHCP starvation attack MAC duplicating ARP spoofing 3.Question 3Identify the type of attack in which the attacker sends a large number of connection requests to the target server with fake source IP addresses, creating incomplete TCP connections that use up all network resources. 1 pointDNS poisoning Packet sniffing MAC flooding SYN flood attack 4.Question 4Zara, a network administrator, implements defensive strategies in her organization to increase network security. She follows a list of security best practices to prevent DoS/DDoS attacks.Which of the following practices is not a defensive measure against DoS/DDoS attacks? 1 pointPrevent the return addresses from being overwritten Update the kernel to the latest release and disable unused and insecure services Block all inbound packets originating from the service ports to block the traffic from reflection servers Disable TCP SYN cookie protection 5.Question 5Identify the type of attack in which an attacker seizes control of a valid TCP communication between two computers and gains access to a machine while the communication is in progress. 1 pointPacket sniffing MAC flooding Session hijacking DoS attack

Question 1David, a network administrator, was assigned to analyze the network for signatures of a session hijacking attack on an organization. David captured all the network traffic using packet sniffing tools and used various filters to find any repeated ARP update packets.Which of the following methods has David employed in the above scenario to detect session hijacking attacks? 1 pointIntrusion detection system Automatic method Intrusion prevention system Manual method 2.Question 2Which of the following countermeasures should be followed to defend against session hijacking? 1 pointDisable browsers to verify website authenticity Use HPKP to allow users to authenticate web servers Allow the cross-site scripts known as CSRF from the client side Enable compression mechanisms of HTTP requests

Question 1Smith, a professional hacker, initiated a network sniffing attack on the switched Ethernet environment of a target organization. He employed an automated tool to flood the switch with a fake physical address until the switch translation table became full. When the switch entered fail-open mode, it started acting as a hub by broadcasting packets. Now, Smith could easily accomplish his goal of network sniffing.Identify the type of attack performed by Smith in the above scenario. 1 pointARP spoofing DHCP starvation MAC flooding DNS poisoning 2.Question 2Which of the following tool helps an attacker perform an ARP poisoning attack? 1 pointWireshark High Orbit Ion Cannon BetterCAP Nbtstat

Question 1What type of attack uses multiple devices or servers in different locations to flood the target network with unwanted traffic?1 pointDistributed Denial of Service (DDoS) attackDenial of Service (DoS) attack Phishing attackTailgating attack2.Question 2What type of attack poses as a TCP connection and floods a server with packets simulating the first step of the TCP handshake?1 pointICMP flood SYN-ACK flood attackOn-path attackSYN flood attack3.Question 3Fill in the blank: The Denial of Service (DoS) attack _____ is caused when a hacker sends a system an ICMP packet that is bigger than 64KB.1 pointPing of DeathSYN flood On-pathICMP flood4.Question 4Which types of attacks take advantage of communication protocols by sending an overwhelming number of requests to a server? Select all that apply.1 pointICMP flood attackSYN flood attackTCP connection attackTailgating attack

Fill in the blank: The _____ network attack occurs when an attacker intercepts a data packet in transit, then repeats it at another time.1 pointreplaysmurfon-pathSYN flood