You work as the security administrator at Domain.com. While monitoring network traffic, you find that your domain name server is resolving the domain name to the incorrect IP (Internet Protocol) address. You discover that Internet traffic is being misdirected.
You immediately suspect that an intruder has launched a malicious attack against the network. Which type of network attack is in progress?
A.
A DoS (Denial of Service) attack.
B.
A Spoofing attack.
C.
A Brute Force attack.
D.
A Reverse DNS (Domain Name Service).
Explanation:
Spoofing is when you forget the source address of traffic, so it appears to come from somewhere else, preferably somewhere safe and trustworthy. Web spoofing is a process where someone creates a convincing copy of a legitimate website or a portion of the world wide web, so that when someone enters a site that they think is safe, they end up communicating directly with the hacker. To avoid this you should rely on certificates, IPSEC, and set up a filter to block internet traffic with an internal network address.
Incorrect answers:
A: Denial of service (DoS) attacks prevents access to resources by users authorized to use those resources.
C: A brute force attack is an attempt to guess passwords until a successful guess occurs. This type of attack usually occurs over a long period. It can be accomplished by applying every possible combination of characters that could be the key.
D: Reverse DNS involves using an IP address to find a domain name, rather than using a domain name to find an IP address. PTR records are used for the reverse lookup, and often this is used to authenticate incoming connections.
Reference:
Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p. 54