Professional Documents
Culture Documents
Access Attacks
Open Transcript
An access attack is an attempt to access another user account or network device through improper, unauthorized means.
Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web
accounts, confidential databases, and other sensitive information. After gaining access to your network with a valid account,
an attacker can obtain lists of valid user and computer names and network information, modify server and network
configurations, including access controls and routing tables, and modify, reroute, or delete your data.
There are many attacks which can lead to a system being compromised, and allowing the attacker to gain unauthorized
access to the system. The following are some prominent types of attacks:
• Password attack is typically used to obtain system access. When access is obtained, the attacker is able to read,
modify, or delete data, and add, modify, or remove network resources. For example, tools like "John the ripper," and
"Cain and Abel" are password cracker tools.
• Spoofing/masquerading attack is a situation in which one person or program successfully masquerades as another by
falsifying data and gaining illegitimate access.
• Session hijacking is an attack in which the session established by the client to the server is taken over by a malicious
person or process.
https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/3/pages/9 1/2
4/24/2018 Understanding Cisco Cybersecurity Fundamentals
Which one of the following types of malware masquerades as a legitimate software, but is actually malicious when
launched?
brute-force
DoS
Trojan
smurf
Submit
The type of access attack that allows an attacker to take over a session or spoof a session is done using which
technique?
brute-force
password attack
man-in-the-middle
malware insertion
Submit
https://ondemandelearning.cisco.com/cybersec-nil/secfnd/sections/3/pages/9 2/2