Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.

BASIC

Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement

PRO

All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

Network Attacks Transcription

Welcome to our Common Network Attacks and Countermeasures module. Wireless networks are detectable, even if you attempt to hide the SSID from broadcasting. Once a wireless local area network is discovered, attackers can then attempt to exploit vulnerabilities. There are several free utilities that allow attackers to footprint networks in the area.

Terms have been developed for this type of activity, including war walking where someone walks around attempting to find networks. War driving, where a person drives around in a vehicle equipped with a laptop, an antenna and a GPS, in order to locate available wireless local area networks. And plot the locations of those networks on a map using Global Positioning System, or GPS.

Warchalking is when individuals mark buildings or sidewalks to notify other users in the area of available wireless networks. This is commonly used for pedestrians. Site surveys are an analysis conducted by your engineers. This can help you to plan your wireless local area network, and also verify that everything is functioning properly after the system is installed.

It can also help you to detect rogue or unauthorized wireless access points, and you should remember that site surveys are a method to discover these unauthorized devices for the CISSP examination. Impersonation, or spoofing, is where an individual attempts to impersonate a person who is authorized on your network by using their credentials.

They can steal the credentials that are used to authenticate on the wireless local area network because pre-shared keys are very susceptible to theft and dictionary attacks. You can also spoof a MAC address to trick the wireless local area network device into thinking that you are in authorized device attempting to connect.

In order to prevent these type of attacks, you should use strong authentication mechanisms, preferably at least two factor authentication, as well as digital signatures and one time use passwords. You also have to be concerned about individuals intercepting your packets because this is very easy on public wireless networks.

You should never use public wireless networks to perform any type of sensitive communications. If you do find yourself needing to use a public wireless network, you should use a virtual private network to encrypt the communications between you and your recipient. You should never use your passwords or log into any websites using public WiFi, because individuals can capture your log in session and then pretend to be you on that website.

You also have to be concerned with individuals modifying, or altering, the data before you receive it. Man in the middle attacks is where an individual sets up an evil twin rogue access point. For example, if you go in to Starbucks, there could be an individual in there who has set up a fake access point on their laptop computer called Starbucks, causing individuals to connect to it thinking they are connecting to the actual Starbucks.

Instead, they are now connecting to the man in the middle, who is able to view all of the traffic that they send to wherever they're communicating with. In order to avoid these types of attacks, you can use WIFI protected access or WPA or WPA2, digital signatures to provide for mutual authentication.

And virtual private networks to encrypt the traffic so the individual is not able to place themselves between the two parties that are communicating. You can also have flooding attacks, which is a denial of service attack, attempting to take your system offline, so that your legitimate users are not able to use it.

For example, if an attacker sends more data than a system can handle, or sends several pings, or mail bombs, or malformed packets, they may be able to take your system offline. They can also jam the radio frequencies so that WiFi will not function correctly. In order to avoid these types of attacks, you should use multiple frequencies, filter packets before they reach the destination to insure that they are not malformed, or otherwise malicious.

And also patch your systems and your wireless network devices to make sure that they are up to date to avoid any attacks that have already been corrected by the manufacturer. Web spoofing attacks is where an impersonation occurs at the server level. The attacker redirects a user to a different site that appears to be the legitimate site.

For example, a PayPal login page that is not actually PayPal. Then your user attempts to log in, and the attacker now has the users username and password. This is common with email phishing, which is a social engineering technique, in which an attacker sends out an email message attempting to get an employee or user to click on a malicious link or a link to a fictitious website.

With a DNS poisoning attack, an attacker inserts bad information into a DNS server record, to point a legitimate website to a different hostile website. For example, when a user enters google.com, now the DNS server has been modified and they are forwarded to the fictitious google.com, which is a malicious site, rather than the real google.com.

In order to avoid this, you should use the most updated version of DNS and also provide for authentication of the DNS server using DNSSEC. You should be familiar with these types of attacks for the CISSP examination. We also have a few older style attacks that you should be familiar with because they could still occur, although they are much less popular.

The smurf attack is where the attacker uses ICMP echo broadcast traffic, and transmits it to all hosts on a network with a spoofed source address. All of the systems on the network will then begin sending ICMP echo reply packets to the victim. This causes the victim's system to go offline. The fragal attack is a denial of service attack similar to the smurf attack, but instead of broadcasting ICMP traffic, it broadcasts UDP data. You should be familiar with both of these types of attacks for the CISSP examination. With a distributed denial of service attack, or DDOS attack, you attempt to commit available resources on a system, so that it cannot respond to valid requests from legitimate users.

These attacks can be distributed and amplified by many other systems known as a botnet to commit the attack. Zombies are part of the botnet and they are compromised hosts, which are used to launch attacks against a specific target. The bot herder is the command in control center, which notifies the zombies of who to attack.

Here we can see a command and control system on the left, the attacker is notifying the bots or zombies via the handlers to attack a specific target. This is much more effective than attacking with a single machine. We call this a distributed denial of service attack because we have many different systems which can all be in different geographic locations, or distributed to attack a single target.

You can attempt to prevent distributed denial of service attacks at your land perimeter by dropping all ICMP packets, which originate from the internet at the firewall. There is no reason for individual's outside of your network on the internet to send you ICMP packets to your internal network. You should also drop any requests to broadcast addresses, because you do not want external individuals broadcasting traffic to all of the systems on your network.

You can also use ingress and egress filtering. Ingress filtering prohibits packets within internal source addresses from entering your network. And egress filtering prohibits packets from leaving your network with internal source addresses. Egress filtering prevents your network from being used to attack other individual's networks. This concludes our common network attacks, and counter measures module.

Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!

Membership Options and Pricing.



BASIC Not ready for serious certification attempt and just want to sample it?

FREE

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement

1 Month PRO Only joining us for the final push?
This is for you!

99/month

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

3 Months PRO MOST POPULAR
Successful students spend 3 months preparing.

79/month USD 237 for 3 months

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

1 Year PRO Learn and study for your certification at your own pace.

59/month USD 708 per year

  • Thousands of practice test questions
  • Fully-featured exam engine
  • Continuous knowledge measurement and feedback
  • Reinforcement questions
  • Detailed exam question explanations
  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee

Train Your Team.

Subscriptions available for teams of 5 or greater.