Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps
an attacker to hide? Each correct answer represents a complete solution. Choose two.
A.
DNS cache poisoning
B.
MAC spoofing
C.
IP spoofing attack
D.
DDoS attack
Explanation:
Either IP spoofing or MAC spoofing attacks can be performed to hide the identity in the
network. MAC spoofing is a hacking technique of
changing an assigned Media Access Control (MAC) address of a networked device to a different one.
The changing of the assigned MAC
address may allow the bypassing of access control lists on servers or routers, either hiding a
computer on a network or allowing it to
impersonate another computer.
MAC spoofing is the activity of altering the MAC address of a network card.
Answer option A is incorrect. DNS cache poisoning is a maliciously created or unintended situation
that provides data to a caching name server
that did not originate from authoritative Domain Name System (DNS) sources. Once a DNS server
has received such non-authentic data and
caches it for future performance increase, it is considered poisoned, supplying the non-authentic
data to the clients of the server. To perform a
cache poisoning attack, the attacker exploits a flaw in the DNS software. If the server does not
correctly validate DNS responses to ensure
that they are from an authoritative source, the server will end up caching the incorrect entries
locally and serve them to other users that make
the same request.
Answer option D is incorrect. In a distributed denial of service (DDOS) attack, an attacker uses
multiple computers throughout the network
that has been previously infected. Such computers act as zombies and work together to send out
bogus messages, thereby increasing theamount of phony traffic. The major advantages to an attacker of using a distributed denial-of-service
attack are that multiple machines can
generate more attack traffic than one machine, multiple attack machines are harder to turn off than
one attack machine, and that the behavior
of each attack machine can be stealthier, making it harder to track down and shut down. TFN,
TRIN00, etc. are tools used for a DDoS attack.