January 2019

Article

[vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text]Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. [/vc_column_text][vc_row_inner row_type="row" type="full_width" text_align="left" css_animation=""][vc_column_inner][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern" css_animation=""][vc_column][vc_column_text] Carla noticed unusual spikes in network activity and, upon further investigation, determined that there are an usually high number of outbound DNS query responses. She also noticed that the query responses are significantly larger than the queries themselves. What type of attack should Carla suspect? A. Amplification B. Cross-site scripting C. DNS poisoning D. Pass the hash Correct Answer: A. The fact that the traffic is exceeding normal baselines and that the responses are much larger than the queries indicates that a DNS amplification attack may be underway. In this type of attack, the attacker sends spoofed DNS queries asking for large amounts of information. The source address on those queries is the IP address of the target system, which then becomes overwhelmed by the response packets. [/vc_column_text][/vc_column][/vc_row]...