Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee’s computer?

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard
or monitor of an employee’s computer?

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard
or monitor of an employee’s computer?

A.
Man-in-the-middle attack

B.
Denial-of-Service (DoS) attack

C.
Buffer-overflow attack

D.
Shoulder surfing attack

Explanation:
The Shoulder surfing attack is often performed by looking surreptitiously at the keyboard or monitor
of an employee’s computer.
Shoulder surfing is a type of in person attack in which an attacker gathers information about the
premises of an organization. This attack is often performed by looking surreptitiously at the
keyboard or monitor screen of an employee’s computer while he is typing in his password at any

access point such as a terminal/Web site. An attacker can also gather information by looking at open
documents on the employee’s desk, posted notices on the notice boards, etc.
Answer option A is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts
an intermediary software or program between two communicating hosts. The intermediary software
or program allows attackers to listen to and modify the communication packetspassing between the
two hosts. The software intercepts the communication packets and then sends the information to
the receiving host. The receiving host responds to the software, presuming it to be the legitimate
client.
Answer option C is incorrect. A buffer-overflow attack is performed when a hacker fills a field,
typically an address bar, with more characters than it can accommodate. The excess characters can
be run as executable code, effectively giving the hacker control of the computer and overriding any
security measures set.
Answer option B is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of
causing a negative impact on the performance of a computer or network. It is also known as network
saturation attack or bandwidth consumption attack. Attackers make Denial-of-Service
attacks by sending a large number of protocol packets to a network. A DoS attack can cause the
following to occur:
Saturate network resources.
Disrupt connections between two computers, thereby preventing communications between
services.
Disrupt services to a specific computer.
A SYN attack is a common DoS technique in which an attacker sends multiple SYN packets to a target
computer. For each SYN packet received,
the target computer allocates resources and sends an acknowledgement (SYN-ACK) to the source IP
address. Since the target computer does not receive a response from the attacking computer, it
attempts to resend the SYN-ACK. This leaves TCP ports in the half-open state. When
an attacker sends TCP SYNs repeatedly before the half-open connections are timed out, the target
computer eventually runs out of resources and is unable to handle any more connections, thereby
denying service to legitimate users.
Reference:
“http://en.wikipedia.org/wiki/Shoulder_surfing_(computer_security)”



Leave a Reply 0

Your email address will not be published. Required fields are marked *