Chapter 1: Basic Access, Authentication Methods, and Implementation Modes
Chapter 2: Threats and Attacks Against Your Network
Chapter 3: Remote Access Security and Services
Chapter 4: Securing Traffic: Email and Web Security
Chapter 5: Web Attacks and Server Vulnerabilities
Chapter 6: Authentication Services
Chapter 7: Communication Security
Chapter 8: Infrastructure Design
Chapter 9: Media Security
Chapter 10: Security Topologies
Chapter 11: Intrusion Detection
Chapter 12: Creating a Security Plan: Baselines and Checklists
Chapter 13: Cryptography Concepts and Management
Chapter 14: Operational Security
Chapter 15: Policies and Procedures
Chapter 16: Security Management
Objectives
2.1 Denial of Service
2.1.1 Denial of Service (DoS) Attacks
2.1.2 Types of DoS Attacks
2.1.3 Floods
2.1.4 Christmas Tree Attacks
2.1.5 DoS Attacks on TCP/IP
2.1.6 DoS Defenses
2.1.7 DoS Wireless Considerations
2.2 Distributed Denial of Service
2.2.1 Distributed Denial of Service (DDoS) Attacks
2.2.2 Botnets and Zombies
2.2.3 SMURF Attack
2.2.4 Tribe Flood Network (TFN)
2.2.5 Stacheldraht Attack
2.3 Identity Theft
2.3.1 Identity Theft Overview
2.3.2 Back Door Attacks
2.3.3 Spoofing Attacks
2.3.4 Cross-Site Request Forgery
2.3.5 Compromised Key Attack
2.3.6 Peer-to-Peer Threats
2.4 Identity Attacks
2.4.1 Man-in-the-Middle Attacks
2.4.2 Poisoning the ARP Cache
2.4.3 Replay Attacks
2.4.4 TCP/IP Hijacking
2.4.5 Session Hijacking
2.4.6 DNS Poisoning
2.5 Common Attacks
2.5.1 Password Guessing Attacks
2.5.2 Software Exploitation
2.5.3 Initialization Vector Attacks
2.5.4 Bluesnarfing
2.6 Malicious Code
2.6.1 Basic Malicious Code
2.6.2 Viruses
2.6.3 Worms
2.6.4 Trojan Horses
2.6.5 Rootkits
2.6.6 Spyware and Adware
2.6.7 Browser Hijacker
2.6.8 URL or Location Poisoning
2.6.9 Zero-day Attacks
2.6.10 Malicious Code Defense
2.7 Code Injection Attacks
2.7.1 Command Injection Attacks
2.7.2 Cross-site Scripting Attacks
2.7.3 SQL and LDAP Injection Attacks
2.7.4 XML and XPath Injection Attacks
2.7.5 Directory Traversal Attacks
2.7.6 Header Manipulation
2.8 Phishing Attacks
2.8.1 Phishing
2.8.2 Spear Phishing and Whaling
2.8.3 Pharming
2.8.4 Smishing and Vishing
2.8.5 Spam and Spim
Summary
Exercise
Quiz
Lab
Exercise
You must print your completed exercise to submit to your instructor.
Do Not
close this window without printing your exercise or your answers will be lost.
Student's Name:
Class:
How does a Distributed Denial of Service attack work?
Why is it necessary to use anti-spoofing filters?
How does reverse trafficking work?
Why is a physical DoS attack on a wireless network so hard to track?
What is the best way to reduce the probability of a poisoned ARP cache attack?
Note: You must print your completed exercise to submit to your instructor.