Which property of secure communication ensures that people are who they say they are when communicating over the internet?
Authentication
This property is crucial for verifying identities in digital communications.
Which property of secure communication ensures that a message is not modified before it reaches the receiver?
Integrity
Integrity protects the accuracy and consistency of data during transmission.
Which property of secure communication is protected by encrypting the messages exchanged?
Confidentiality
Confidentiality ensures that information is accessible only to those authorized to have access.
Attackers tend to keep the uptime of domains used for malicious purposes as short as possible in order to avoid being detected.
T/F
FALSE
Attackers may keep domains active longer to exploit them before detection.
Round Robin DNS is a mechanism used by large websites to distribute the load of incoming requests to several servers at a single physical location.
T/F
TRUE
This method helps balance traffic and improve performance.
DNS-based content delivery aims to distribute the load amongst multiple servers at a single location, but also distribute these servers across the world.
T/F
TRUE
This approach enhances responsiveness and availability for users globally.
DNS-based content delivery determines the nearest server, which results in increased responsiveness and availability.
T/F
TRUE
Proximity to servers reduces latency and improves user experience.
Legitimate networks may let malicious content be up for weeks to more than a year.
T/F
FALSE
Legitimate networks typically act quickly to remove malicious content.
How does FIRE identify the most malicious networks?
Analyzing the information given by data sources and searching for ASes with a large percentage of malicious IP addresses.
This method focuses on identifying patterns of malicious activity.
ASwatch uses information exclusively from the data plane to infer network reputation.
T/F
FALSE
ASwatch also considers control plane data for a comprehensive analysis.
ASwatch relies on the premise that ‘bulletproof’ ASes have distinct interconnection patterns and overall different control plane behavior from most legitimate networks.
T/F
TRUE
This distinction helps in identifying potentially malicious networks.
In order to stop a prefix or AS-Path announcement attack, we need access to the ______, such as IP prefixes and AS-paths.
Control Plane data
Control Plane data includes IP prefixes and AS-paths necessary for mitigation.
In attacks where network traffic is dropped, manipulated or impersonated, the data accessed is located at the ______.
Data Plane
The Data Plane is responsible for the actual transmission of data packets.
Which attack disrupts the BGP characteristic to favor more specific prefixes?
Sub-prefix hijacking
This attack can lead to routing issues and traffic misdirection.
ARTEMIS uses a configuration file and a mechanism for receiving BGP updates from routers and monitoring services to detect BGP hijacking attacks.
T/F
TRUE
This system enhances the detection of routing anomalies.
A Distributed Denial of Service Attack consists of the attacker sending a large volume of traffic to the victim through servers (slaves), so that the victim host becomes unreachable or its bandwidth is exhausted.
T/F
TRUE
DDoS attacks aim to overwhelm the target’s resources.
IP spoofing is the act of setting a false IP address in the source field of a packet with the purpose of impersonating a legitimate server.
T/F
FALSE
In a reflection attack, the attackers use a set of reflectors to initiate an attack on the victim.
T/F
TRUE
Reflectors amplify the attack traffic directed at the victim.
During a Reflection and Amplification attack, the slaves set the source address of the packets to the ______.
Victim’s IP address
This misdirection increases the attack’s effectiveness.
What is the difference between a conventional DDoS and a Reflection and Amplification attack?
In a DDoS attack, the slaves send traffic directly to the victim as opposed to a reflector sending the traffic to the victim.
This distinction highlights the mechanics of each attack type.
Which mitigation technique uses fine-grained filters across AS domain borders, and attributes such as length and fragment can be used to match traffic?
BGP Flowspec
BGP Flowspec allows for more precise traffic management.
Which defense mechanism consists of a service that diverts the incoming traffic to a specialized server, where traffic is divided into either clean or unwanted traffic, and clean traffic is then sent to its original destination?
Traffic Scrubbing Services
This service enhances network security by filtering out malicious traffic.
BGP Blackholing stops the traffic closer to the destination of the attack.
T/F
FALSE
BGP Blackholing is designed to stop traffic closer to the source of the attack.
BGP Blackholing is used to mitigate DDoS attacks.
T/F
TRUE
This technique helps to prevent further damage during an attack.