Denial-of-Service 2023 Practice Questions and Answers with complete solution
Seller: LECTMAGGY
During the penetration testing of the MyBank public website, Marin discovered a
credit/interest calculator running on server side, which calculates a credit return plan.
The application accepts the following parameters:
amount=100000&duration=10&scale=month
Assuming that parameter amount is the amount of credit, the user is calculating the
interest and credit return plan (in this case for 100,000 USD), parameter duration is the
timeframe the credit will be paid off, and scale defines how often the credit rate will be
paid (year, month, day, ...). How can Marin proceed with testing whether this web
application is vulnerable to DoS?
Change the parameter duration to a large number and change scale value to "day" and
resend the packet a few times to observe the delay.
Change the parameter duration to a small number and leave scale value on "month"
and resend the packet a few times to observe the delay.
Leave the parameter duration as is and change the scale value to "year" and resend the
packet a few times to observe the delay.
Change the parameter duration to a small number and change scale value to "day" and
resend the packet a few times to observe the delay.
Change the parameter duration to a large number and change scale value to "day" and
resend the packet a few times to observe the delay.
When a client's computer is infected with malicious software which connects to the
remote computer to receive commands, the client's computer is called a ___________
Bot
Botnet
Command and Control (C&C)
Client
Bot
Identify the type of a DoS attack where an attacker sends e-mails, Internet relay chats
(IRCs), tweets, and posts videos with fraudulent content for hardware updates to the
victim with the intent of modifying and corrupting the updates with vulnerabilities or
defective firmware.
SYN flooding attack
Internet Control Message Protocol (ICMP) flood attack
Ping of death attack
Phlashing attack
Phlashing attack
Which of the following is considered to be a smurf attack?
An attacker sends a large amount of ICMP traffic with a spoofed source IP address.
An attacker sends a large amount of TCP traffic with a spoofed source IP address.
An attacker sends a large number of TCP connection requests with a spoofed source
IP address.
An attacker sends a large number of TCP/User Datagram Protocol (UDP) connection
requests.
An attacker sends a large amount of ICMP traffic with a spoofed source IP address.
A DDoS tool created by Anonymous sends junk HTTP GET and POST requests to
flood the target. The second version of the tool (the first version had a different name),
which was used in the so-called Operation Megaupload, is called _______.
HOIC
BanglaDOS
Dereil
Pandora DDoS
HOIC
Mike works for a company "Fourth Rose Intl." as the sales manager. He was sent to Las
Vegas on a business trip to meet his clients. After the successful completion of his
meeting, Mike went back to his hotel room, connected to the hotel Wi-Fi network and
attended his other scheduled online client meetings through his laptop. After returning
to his office headquarters, Mike connects his laptop to the office Wi-Fi network and
continues his work; however, he observes that his laptop starts to behave strangely. It
regularly slows down, blue-screening from time to time and rebooting without any
apparent reason. He raised the issue with his system administrator. Some days later,
the system administrator in Mike's company observed the same issue in various other
computers in his organization. Meanwhile, he has also observed that large amounts of
unauthorized traffic from various IP addresses of "Fourth Rose Intl." were directed