A file is replace by another file that provides the same service but also has a secret operation that is meant to subvert security. What is this type of attack called?
A.
A buffer overflow attack
B.
A Trojan attack
C.
A denial-of-service attack
D.
An illicit server attack
Explanation:
This question can be confused with the illicit server attack. The question is asking about the process of the file replacement, not the execution of the service that the file provides. The file replacement process, where a file containing a service – but with a security back door, is called a Trojan horse, usually passed as the result of a virus.
Incorrect Answers:
A: A buffer overflow attack is where you send enough data to either deplete all the buffers or overflow the buffer itself. For example, you send a packet that is larger than the maximum size of the buffer, causing part of the system to be overlaid, and crashing the task or system. This occurs when there are bugs in the code that do not properly check for these conditions, and corrupt the system, leading to a failure.
C: Denial of service is when the attack prevents legitimate users from accessing the server. Usually the server is flooded with so many messages that no one else can gain access. Of course, if you crash the server, and the server is down, that too is a denial of service because the server was made inaccessible to legitimate users.
D: An illicit server attack is when you have an unauthorized service or daemon running on the system that can cause harm.