Scribd Logo
Upload

Welcome to Scribd!

  • 3.9 Access Attacks

    Uploaded by

    Islam Deif
    6 views2 pages
    CCNA Cyber OPS SECFND

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    CCNA Cyber OPS SECFND

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views2 pages

    3.9 Access Attacks

    Uploaded by

    Islam Deif
    CCNA Cyber OPS SECFND

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    4/24/2018 Understanding Cisco Cybersecurity Fundamentals

    3.9 Understanding Common TCP/IP Attacks

    Access Attacks

    Open Transcript

    An access attack is an attempt to access another user account or network device through improper, unauthorized means.
    Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web
    accounts, confidential databases, and other sensitive information. After gaining access to your network with a valid account,
    an attacker can obtain lists of valid user and computer names and network information, modify server and network
    configurations, including access controls and routing tables, and modify, reroute, or delete your data.

    There are many attacks which can lead to a system being compromised, and allowing the attacker to gain unauthorized
    access to the system. The following are some prominent types of attacks:

    • Password attack is typically used to obtain system access. When access is obtained, the attacker is able to read,
    modify, or delete data, and add, modify, or remove network resources. For example, tools like "John the ripper," and
    "Cain and Abel" are password cracker tools.

    • Spoofing/masquerading attack is a situation in which one person or program successfully masquerades as another by
    falsifying data and gaining illegitimate access.

    • Session hijacking is an attack in which the session established by the client to the server is taken over by a malicious
    person or process.

    • Malware is used to infect the victim's system with malicious software.

    Content Review Question

    https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/3/pages/9 1/2
    4/24/2018 Understanding Cisco Cybersecurity Fundamentals

    Which one of the following types of malware masquerades as a legitimate software, but is actually malicious when
    launched?

    brute-force

    DoS

    Trojan

    smurf

    Submit

    Content Review Question

    The type of access attack that allows an attacker to take over a session or spoof a session is done using which
    technique?

    brute-force

    password attack

    man-in-the-middle

    malware insertion

    Submit

    https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/3/pages/9 2/2

    You might also like