Here are the top 30 multiple-choice questions (MCQs) focused solely on Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in the context of Cyber Threats and Attack Vectors, along with their answers and explanations. These questions cover various aspects of DoS and DDoS attacks, including their types, techniques, and goals.
1. What is the primary goal of a Denial of Service (DoS) attack?
- Unauthorized access to sensitive information
- Encryption of files for ransom
- Disrupting or degrading the availability of a service
- Spreading malware through infected files
The primary goal of a DoS attack is to disrupt or degrade the availability of a service for legitimate users.
2. What is the main difference between a DoS and a DDoS attack?
- The target system's vulnerability
- The number of attackers involved
- The use of encryption
- The level of sophistication
A DoS attack is conducted by a single attacker, while a DDoS attack involves multiple attackers coordinating their efforts.
3. What is the term for a DDoS attack that involves amplifying the volume of traffic using open DNS resolvers?
- Smurf attack
- DNS amplification attack
- SYN flood attack
- Ping flood attack
A DNS amplification attack involves amplifying the volume of traffic using open DNS resolvers to overwhelm the target.
4. What is the purpose of a SYN flood attack in the context of DoS attacks?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic using open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Sending a large number of ICMP Echo Request messages
A SYN flood attack exploits the three-way handshake in the TCP protocol to exhaust resources on the target system.
5. What is the term for a DDoS attack that exploits vulnerabilities in Internet of Things (IoT) devices?
- IoT flooding
- Botnet attack
- Thingbot attack
- Device amplification attack
A Thingbot attack involves exploiting vulnerabilities in Internet of Things (IoT) devices to create a botnet for a DDoS attack.
6. What is the purpose of a Ping flood attack in a DoS scenario?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic using open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Sending a large number of ICMP Echo Request messages
A Ping flood attack involves sending a large number of ICMP Echo Request messages to overwhelm the target.
7. What is the role of a botnet in a DDoS attack?
- Encrypting files on the target system
- Disrupting network services
- Amplifying traffic through DNS resolvers
- Coordinating multiple compromised devices to flood a target with traffic
A botnet is a network of compromised devices that can be coordinated to flood a target with traffic in a DDoS attack.
8. What is the primary goal of a reflection attack in a DDoS scenario?
- Exploiting vulnerabilities in IoT devices
- Amplifying the volume of traffic through open DNS resolvers
- Coordinating a large number of devices in a botnet
- Disrupting network services through the use of malicious scripts
A reflection attack involves amplifying the volume of traffic through open DNS resolvers to increase the impact on the target.
9. What is the term for a DDoS attack that targets the application layer of a network?
- Application layer attack
- Layer 7 attack
- Protocol-specific attack
- Payload flood attack
A DDoS attack targeting the application layer is often referred to as a Layer 7 attack.
10. What is the purpose of a DNS flood attack in a DDoS scenario?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic using open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Sending a large number of ICMP Echo Request messages
A DNS flood attack involves overloading the target with excessive DNS requests to exhaust its resources.
11. What is the term for a DDoS attack that aims to exploit vulnerabilities in the transport layer of a network?
- Transport layer attack
- Layer 4 attack
- SYN flood attack
- Protocol-specific attack
A DDoS attack targeting the transport layer is often referred to as a Layer 4 attack.
12. What is the primary goal of an HTTP flood attack in a DDoS scenario?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic through open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Overwhelming a web server with a high volume of HTTP requests
An HTTP flood attack aims to overwhelm a web server with a high volume of HTTP requests.
13. What is the term for a DDoS attack that exploits vulnerabilities in the Internet Control Message Protocol (ICMP)?
- ICMP flood attack
- Protocol-specific attack
- Ping amplification attack
- Payload flood attack
An ICMP flood attack exploits vulnerabilities in the Internet Control Message Protocol (ICMP) to flood a target with traffic.
14. What is the primary goal of an amplification attack in a DDoS scenario?
- Exploiting vulnerabilities in IoT devices
- Amplifying the volume of traffic through open DNS resolvers
- Coordinating a large number of devices in a botnet
- Disrupting network services through the use of malicious scripts
An amplification attack aims to amplify the volume of traffic through techniques like open DNS resolvers.
15. What is the term for a DDoS attack that specifically targets the network layer of a system?
- Network layer attack
- Layer 3 attack
- SYN flood attack
- Protocol-specific attack
A DDoS attack targeting the network layer is often referred to as a Layer 3 attack.
16. What is the purpose of a zero-day attack in the context of DDoS attacks?
- Exploiting vulnerabilities that have no available patches or fixes
- Amplifying traffic through DNS resolvers
- Coordinating a large number of devices in a botnet
- Disrupting network services through the use of malicious scripts
A zero-day attack exploits vulnerabilities that have no available patches or fixes, making it harder to defend against.
17. What is the term for a DDoS attack that aims to overwhelm a target by consuming its resources, such as bandwidth or server capacity?
- Bandwidth exhaustion attack
- Resource depletion attack
- Capacity overload attack
- Network congestion attack
A resource depletion attack aims to overwhelm a target by consuming its resources, such as bandwidth or server capacity.
18. What is the primary goal of a volumetric attack in a DDoS scenario?
- Exploiting vulnerabilities in IoT devices
- Amplifying the volume of traffic through open DNS resolvers
- Coordinating a large number of devices in a botnet
- Overwhelming the target with a high volume of traffic
A volumetric attack aims to overwhelm the target with a high volume of traffic, impacting its availability.
19. What is the term for a DDoS attack that targets the session layer of a network?
- Session layer attack
- Layer 5 attack
- SYN flood attack
- Protocol-specific attack
A DDoS attack targeting the session layer is often referred to as a Layer 5 attack.
20. What is the purpose of a DNS reflection attack in a DDoS scenario?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic through open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Sending a large number of ICMP Echo Request messages
A DNS reflection attack involves amplifying the volume of traffic through open DNS resolvers to increase the impact on the target.
21. What is the term for a DDoS attack that focuses on overwhelming a target's application resources, such as databases or APIs?
- Application layer attack
- Layer 7 attack
- Database overload attack
- API flood attack
An application layer attack focuses on overwhelming a target's application resources, such as databases or APIs.
22. What is the primary goal of an ICMP amplification attack in a DDoS scenario?
- Exploiting vulnerabilities in IoT devices
- Amplifying the volume of traffic through open DNS resolvers
- Coordinating a large number of devices in a botnet
- Flooding the target with ICMP Echo Request messages
An ICMP amplification attack involves flooding the target with ICMP Echo Request messages to amplify the volume of traffic.
23. What is the term for a DDoS attack that aims to disrupt a target by consuming its processing resources, such as CPU or memory?
- Processing power attack
- CPU overload attack
- Resource exhaustion attack
- Capacity depletion attack
A resource exhaustion attack aims to disrupt a target by consuming its processing resources, such as CPU or memory.
24. What is the purpose of a Slowloris attack in a DDoS scenario?
- Overloading the target with excessive DNS requests
- Amplifying the volume of traffic through open DNS resolvers
- Exploiting the three-way handshake in the TCP protocol to exhaust resources
- Prolonging connections to consume server resources
A Slowloris attack aims to prolong connections to a server, consuming its resources and preventing new connections.
25. What is the term for a DDoS attack that aims to exhaust a target's network resources by flooding it with a large number of small-sized packets?
- Bandwidth exhaustion attack
- Packet flood attack
- Fragmentation attack
- Protocol-specific attack
A packet flood attack aims to exhaust a target's network resources by flooding it with a large number of small-sized packets.