Section 4.2

Demonstrate your acquired knowledge about summarizing various types of attacks and their impact to the network. This will demonstrate your proficiency for section 4.2 of the Network+ 10-009 objectives.

1 / 25 What’s the best immediate response if an evil twin AP is suspected in a corporate wireless environment?
- Shut down DNS servers
- Send deauthentication frames
- Disable the suspicious AP and alert security
- Restart Layer 2 switches

2 / 25 Which tool is useful in identifying rogue DHCP servers on a network?
- VPN tunnel
- Packet sniffer
- NTP server
- Port mirroring

3 / 25 What’s a likely symptom of a DNS poisoning attack on a local network?
- Slow switching speed
- Unauthorized VLAN hopping
- Users being redirected to unintended websites
- Duplicate MAC addresses appearing

4 / 25 What makes a worm more dangerous than a virus in a networked environment?
- Uses MAC flooding
- Requires a host application
- Spreads without human intervention
- Is immune to antivirus

5 / 25 What is the primary purpose of a rootkit?
- Flood a network switch
- Hide the presence of malicious software
- Scan for open ports
- Provide firewall access

6 / 25 Which type of malware disguises itself as legitimate software?
- Worm
- Ransomware
- Trojan horse
- Rootkit

7 / 25 Ransomware is a form of malware that:
- Sends ARP packets continuously
- Extracts files from VLANs
- Encrypts user data and demands payment
- Redirects DNS queries

8 / 25 Which of the following is not a characteristic of malware?
- Self-replicating
- Physically installed without media
- Disrupts or compromises systems
- Delivered via email or USB

9 / 25 Tailgating is an example of:
- DNS cache manipulation
- Physical social engineering
- VLAN attack
- DHCP spoofing

10 / 25 Shoulder surfing is best prevented by:
- DNSSEC
- Encryption
- Privacy filters and user awareness
- MAC address filtering

11 / 25 Dumpster diving could result in which of the following?
- Gaining access to MAC tables
- Discovering sensitive written or printed information
- Triggering a DDoS
- Elevating VLAN privileges

12 / 25 What’s the key difference between phishing and spear phishing?
- One uses malware
- Spear phishing targets specific individuals
- Phishing requires DNS access
- Spear phishing is only physical

13 / 25 An attacker sets up a system that intercepts communications between two parties without their knowledge. What attack is this?
- DNS spoofing
- VLAN hopping
- On-path (man-in-the-middle) attack
- Shoulder surfing

14 / 25 How does an evil twin AP attack work?
- It floods the switch with MAC addresses
- Mimics a legitimate access point to trick users into connecting
- Uses VLAN hopping to bypass security
- Deactivates DHCP servers

15 / 25 What is a common indicator of a rogue access point (AP) on a wireless network?
- MAC address changes
- Duplicate SSID with stronger or similar signal strength
- Unauthorized DNS queries
- VLAN assignment errors

16 / 25 A rogue DHCP server can cause which of the following?
- On-path attacks
- Devices receiving incorrect IP configurations
- Broadcast storms
- Switches failing to route

17 / 25 What can result from DNS spoofing?
- Overloaded switch
- Users redirected to malicious websites
- Deauthentication of users
- VLAN remapping

18 / 25 DNS poisoning involves:
- Overwriting the MAC address table
- Stealing DHCP leases
- Injecting false information into DNS cache
- Disabling DNS service

19 / 25 What is the difference between ARP spoofing and ARP poisoning?
- Spoofing is software-based, poisoning is hardware-based
- Spoofing sends falsified ARP messages, poisoning is the result
- There is no difference
- Poisoning only works with IPv6

20 / 25 ARP poisoning can lead to which type of attack?
- VPN hijacking
- On-path (man-in-the-middle) interception
- MAC address duplication
- Packet fragmentation

21 / 25 Which attack tricks a host into associating an attacker’s MAC address with a legitimate IP address?
- Evil twin
- DNS poisoning
- ARP spoofing
- VLAN hopping

22 / 25 In VLAN hopping, an attacker attempts to:
- Exploit DNS caching
- Perform DoS attacks on routers
- Gain unauthorized access to another VLAN
- Infect a device with malware

23 / 25 What is the goal of a MAC flooding attack?
- Manipulate VLAN tagging
- Steal wireless credentials
- Overwhelm a switch’s MAC address table to force broadcast behavior
- Redirect DNS queries

24 / 25 What makes a DDoS attack different from a DoS attack?
- Targets only Layer 3 devices
- Originates from multiple sources simultaneously
- Uses encryption to hide its source
- Can only target web servers

25 / 25 Which of the following best describes a DoS attack?
- Attack using social engineering
- Overwhelming a system to make it unavailable
- Stealing DNS credentials
- Manipulating VLANs for access