Course 3 – CONNECT AND PROTECT: NETWORKS AND NETWORK SECURITY

Module 3: Secure Against Network Intrusions

GOOGLE CYBERSECURITY PROFESSIONAL CERTIFICATE

Coursera Study Guide

INTRODUCTION – Secure Against Network Intrusions

This module gives participants an in-depth understanding of the various types of network attacks, along with the knowledge to recognize and counteract threats to network systems and devices. It explores the tactics malicious actors use to compromise network infrastructure and the techniques cybersecurity professionals use to secure and fortify vulnerable systems. By examining real-world case studies and working through practical scenarios, participants will gain insight into the strategies used by cyber adversaries and the proactive measures cybersecurity experts take to identify and close potential loopholes. The module is a resource for those aiming to develop a holistic understanding of network security and the skills needed to mitigate evolving cybersecurity threats.

Learning Objectives

  • Describe network intrusion tactics
  • Explain how to secure a network against intrusion tactics
  • Investigate security breaches
  • Understand different types of network attacks
  • Troubleshoot basic network issues using appropriate tools and methods

TEST YOUR KNOWLEDGE: SECURE NETWORKS AGAINST DENIAL OF SERVICE (DOS) ATTACKS

1. What type of attack uses multiple devices or servers in different locations to flood the target network with unwanted traffic?

  • Phishing attack
  • Distributed Denial of Service (DDoS) attack (CORRECT)
  • Denial of Service (DoS) attack
  • Tailgating attack

A DDoS attack uses multiple devices or servers in different locations to flood the target network with unwanted traffic.

2. What type of attack poses as a TCP connection and floods a server with packets simulating the first step of the TCP handshake?

  • SYN flood attack (CORRECT)
  • On-path attack
  • SYN-ACK flood attack
  • ICMP flood

A SYN flood attack poses as a TCP connection and floods a server with packets simulating the first step of the TCP handshake. This overwhelms the server, making it unable to function.

3. Fill in the blank: The Denial of Service (DoS) attack _____ is caused when a hacker sends a system an ICMP packet that is bigger than 64KB.

  • ICMP flood
  • On-path
  • SYN flood
  • Ping of Death (CORRECT)

The DoS attack Ping of Death is caused when a hacker sends a system an ICMP packet that is bigger than 64KB.

4. Which types of attacks take advantage of communication protocols by sending an overwhelming number of requests to a server? Select all that apply.

  • ICMP flood attack (CORRECT)
  • TCP connection attack
  • SYN flood attack (CORRECT)
  • Tailgating attack

ICMP flood and SYN flood attacks take advantage of communication protocols by sending an overwhelming number of requests to a server.

5. Which of the following are common network attacks? Select all that apply.

  • Malware (CORRECT)
  • Packet flooding (CORRECT)
  • Spoofing (CORRECT)
  • Proxy servers

Spoofing, packet flooding, and malware are all common network attacks.

6. Fill in the blank: A _____ attack happens when an attacker sends a device or system oversized ICMP packets that are bigger than 64KB.

  • Ping of death (CORRECT)
  • Internet Control Message Protocol (ICMP) Flood
  • Distributed denial of service (DDoS)
  • SYN (synchronize) flood

A ping of death attack is a type of DoS attack caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than 64KB.

TEST YOUR KNOWLEDGE: NETWORK INTERCEPTION ATTACK TACTICS

1. Passive packet sniffing involves data packets being manipulated while in transit, which may include injecting internet protocols to redirect the packets to unintended ports or changing the information the packet contains.

  • True
  • False (CORRECT)

Active packet sniffing is a type of attack that involves data packets being manipulated while in transit. This can include injecting internet protocols to redirect the packets to unintended ports or changing the information the packet contains. Passive packet sniffing is a type of attack where data packets are read in transit.

2. Fill in the blank: A security analyst can protect against malicious packet sniffing by _____ to encrypt data as it travels across a network.

  • using only websites with HTTP at the beginning of their domain addresses
  • using a network hub
  • using free public Wi-Fi
  • using a VPN (CORRECT)

A security analyst can protect against malicious packet sniffing by using a VPN to encrypt data as it travels across a network. A VPN is a network security service that changes a public IP address and hides a virtual location to keep data private when using a public network.

3. Which type of attack involves an attacker changing the source IP of a data packet to impersonate an authorized system and gain access to the network?

  • Ping of death
  • Replay attack
  • IP spoofing (CORRECT)
  • On-path attack

IP spoofing involves an attacker changing the source IP of a data packet to impersonate an authorized system and gain access to the network.

4. Which of the following statements accurately describes a smurf attack?

  • A DoS attack that is caused when a hacker pings a system by sending it an oversized ICMP packet that is bigger than the maximum size
  • A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with packets (CORRECT)
  • A DoS attack performed by an attacker repeatedly sending ICMP packets to a network server
  • A network attack performed when an attacker intercepts a data packet in transit and delays it or repeats it at another time

A smurf attack is a network attack performed when an attacker sniffs an authorized user’s IP address and floods it with packets. It is a combination of a DDoS attack and an IP spoofing attack.

5. Which part of a data packet may contain valuable information about the data in transit?

  • Network
  • Header
  • Footer
  • Body (CORRECT)

The body of a data packet may contain sensitive information such as credit card numbers, dates of birth, or personal messages. Malicious actors can use the information contained in the body of a data packet to their advantage.

6. Which of the following attacks use IP spoofing? Select three answers.

  • Smurf attack (CORRECT)
  • Tailgating
  • Replay attack (CORRECT)
  • On-path attack (CORRECT)

Replay attacks, on-path attacks, and smurf attacks are common types of IP spoofing attacks. A smurf attack is when an attacker sniffs an authorized user’s IP address and floods it with packets. A replay attack is a network attack performed when an attacker intercepts a data packet in transit and delays it or repeats it at another time. An on-path attack is an attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit. Tailgating is a type of social engineering attack where a malicious actor follows an authorized person into a restricted area.

MODULE 3 CHALLENGE

1. What happens during a Denial of Service (DoS) attack?

  • The target crashes and normal business operations cannot continue. (CORRECT)
  • The data packets containing valuable information are stolen as they travel across the network.
  • The network is infected with malware.
  • The attacker successfully impersonates an authorized user and gains access to the network.

2. Which type of attack overloads a network with traffic and overwhelms the target server?

  • Denial of Service (DoS) (CORRECT)
  • Ping of death
  • SYN flood
  • IP spoofing

3. A security team discovers that an attacker has taken advantage of the handshake process that is used to establish a TCP connection between a device and their server. Which DoS attack does this scenario describe?

  • On-path attack
  • SYN flood attack (CORRECT)
  • Ping of Death
  • ICMP flood

4. Which type of attack occurs when a malicious actor sends an oversized ICMP packet to a server?

  • SYN flood
  • smurf
  • on-path
  • Ping of Death (CORRECT)

5. Which of the following statements correctly describe passive and active packet sniffing? Select three answers.

  • Active packet sniffing may enable attackers to redirect the packets to unintended ports. (CORRECT)
  • The purpose of passive packet sniffing is to read data packets while in transit. (CORRECT)
  • Passive packet sniffing may enable attackers to change the information a packet contains.
  • Using only websites with HTTPS at the beginning of their domain names provides protection from packet sniffing. (CORRECT)

6. As a security professional, you research on-path, replay, and smurf attacks in order to implement procedures that will protect your company from these incidents. What type of attack are you learning about?

  • IP spoofing (CORRECT)
  • Ping of death
  • Packet sniffing
  • SYN flooding

7. Fill in the blank: To reduce the chances of an IP spoofing attack, a security analyst can configure a _____ to reject all incoming traffic with the same source IP addresses as those owned by the organization.

  • firewall (CORRECT)
  • demilitarized zone
  • HTTPS domain address
  • VPN

8. Fill in the blank: In a/an ____ attack, a malicious actor places themselves in the middle of an authorized connection and intercepts the data in transit.

  • Malware attack
  • On-path attack (CORRECT)
  • Smurf attack
  • Packet flooding attack

9. Fill in the blank: The _____ network attack occurs when an attacker intercepts a data packet in transit, then repeats it at another time.

  • replay (CORRECT)
  • smurf
  • on-path
  • SYN flood

10. Fill in the blank: A ___ attack happens when a malicious actor sniffs an authorized user’s IP address and floods it with packets.

  • On-path attack
  • Replay attack
  • Smurf attack (CORRECT)
  • Ping of Death

11. What is the main objective of a Denial of Service (DoS) attack?

  • Repeatedly send ICMP packets to a network server
  • Simulate a TCP connection and flood a server with SYN packets
  • Disrupt normal business operations (CORRECT)
  • Send oversized ICMP packets

12. A security team investigates a server that has been overwhelmed with SYN packets. What does this scenario describe?

  • Ping of Death
  • On-path attack
  • ICMP flood attack
  • SYN flood attack (CORRECT)

13. Fill in the blank: The maximum size of a correctly formatted IPv4 ICMP packet is _____, as opposed to the oversized packet that is sent during a Ping of Death attack.

  • 64TB
  • 15Gb
  • 64KB (CORRECT)
  • 32KB

14. Which type of packet sniffing allows malicious actors to view and read data packets in transit?

  • Passive packet sniffing (CORRECT)
  • Active packet sniffing
  • IP packet interception
  • Hardware packet sniffing 

15. Fill in the blank: In a _____ attack, an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.

  • IP spoofing (CORRECT)
  • Passive packet sniffing
  • Active packet sniffing
  • Ping of Death

16. What are some common IP spoofing attacks? Select all that apply.

  • on-path attacks (CORRECT)
  • replay attacks (CORRECT)
  • smurf attacks (CORRECT)
  • KRACK attacks

17. A malicious actor impersonates a web browser or web server by placing themselves between two devices, then sniffing the packet information to discover the IP and MAC addresses. Which type of attack is this?

  • Smurf attack
  • On-path attack (CORRECT)
  • Malware attack
  • Packet flooding attack

18. Which attack involves an attacker sniffing an authorized user’s IP address and flooding it with packets?

  • Smurf attack (CORRECT)
  • On-path attack
  • Replay attack
  • Ping of Death

19. What do network-level Denial of Service (DoS) attacks target?

  • Commonly used software applications
  • The personal information of employees
  • All hardware within an organization
  • Network bandwidth (CORRECT)

20. A malicious actor intercepts a network transmission that was sent by an authorized user and repeats it at a later time to impersonate a user. Which type of attack is this?

  • SYN flood
  • replay (CORRECT)
  • smurf
  • on-path

21. A malicious actor takes down a network by flooding an authorized user’s IP address with packets. Which type of DDoS attack is this?

  • Smurf attack (CORRECT)
  • Ping of Death
  • On-path attack
  • Replay attack

22. Fill in the blank: A _____ attack uses multiple devices in different locations to flood the target network with unwanted traffic.

  • Distributed Denial of Service (DDoS)
  • Tailgating
  • Ping of death
  • ICMP flood

23. Fill in the blank: _____ is a network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network.

  • IP spoofing (CORRECT)
  • A DoS attack
  • A KRACK attack
  • SYN flooding