Figure 3 shows a LAN topology. Assume that no port security implemented on both switches. The administrator has assigned VLAN 50 for SMTP Server and VLAN 60 for WWW Server.The attacker is trying to launch DOS attack towards the WWW Server with intention to make the server down. Analyze the topology and answer the following question$1$2VLAN 50Questions:Attacker802.10VLAN 60Figure 3SMTP Serverwww Servera. Elaborate how the attacker can manipulate this network infrastructure to launch the DOS attack towards the WWW Server.b. As the network administrator, what will be your action to mitigate this exploit? Write the command(s) appropriately.

According to the information given:- We have to elaborate the mentioned LAN Topology scenario in…

Figure 3 shows a LAN topology Assume that no port security implemented on both switches. The administrator has assigned VLAN 50 for SMTP Server and VLAN 60 for Www.Server The attacker is trying to launch DOS attack towards the WWWW Server with intention to make the server down. Analyze the topology and answer the following question Attacker $2 VLAN 50 VLAN 60 Figure 3 SMTP Server www.Server Questions: a. Elaborate how the attacker can manipulate this network infrastructure to launch the DOS attack towards the WWW Server. b. As the network administrator, what will be your action to mitigate this exploit? Write the command(s) appropriately.

Figure 3 shows a LAN topology Assume that no port security implemented on both switches. The administrator has assigned VLAN 50 for SMTP Server and VLAN 60 for Www.Server The attacker is trying to launch DOS attack towards the WWWW Server with intention to make the server down. Analyze the topology and answer the following question Attacker $2 VLAN 50 VLAN 60 Figure 3 SMTP Server www.Server Questions: a. Elaborate how the attacker can manipulate this network infrastructure to launch the DOS attack towards the WWW Server. b. As the network administrator, what will be your action to mitigate this exploit? Write the command(s) appropriately.

Comptia A+ Core 1 Exam: Guide To Computing Infrastructure (mindtap Course List)

10th Edition

ISBN:9780357108376

Author:Jean Andrews, Joy Dark, Jill West

Publisher:Jean Andrews, Joy Dark, Jill West

Chapter8: Network Infrastructure And Troubleshooting

Section: Chapter Questions

Problem 2TC

See similar textbooks

Similar questions

Tobias wants to know more about software-defined networking, which separates the data plane from the control plane. Which of the following does not exist on the data plane? a. Firewall b. Application layer switch c. Routing d. Ethernet switch Alessio is evaluating the security of the virtual environment being used at your organization. Which of the following is a concern that Alessio should have? a. All hypervisors have the necessary security controls to keep out attackers. b. A VM can be used to test for potential malware. c. A snapshot of a VM's state can be saved for later use. d. Traditional security tools do not always adapt well to multiple VMs.
select the correct answer A)In reviewing the table of mappings between IP addresses and Ethernet addresses on a host, you discover that there is an incorrect mapping, i.e., the Ethernet address for the indicated IP address is not correct. What cyberattack has potentially been successful against this host? 1)ARP Poisoning 2)DNS Spoofing 3)IP Spoofing 4)Ping Flood B)Which of the following IPv6 address allocation schemes allows a device to generate its own address and then obtain additional configuration information from a central server?1) options:Static addressing 2)Static addressing with stateless DHCPv6 3)SLAAC 4)SLAAC with stateless DHCPv6 5)Stateful DHCPv6 C)On an Ethernet network, one node has been successfully sending frames to an address and been receiving responses. This changes however, and after further investigation there are now no no nodes receiving the frames, even though the same nodes remain connected to the network and are responding to other frames. What type of…
Nicolai wants to manage virtual and physical network equipment using a secure protocol with both authentication and encryption. Which of the following should be used? a. DNSSEC b. SNMPv2 c. SNMPv3 d. SNMPv1
In this question, you will help Mallory develop new ways to conduct denial-of-service (DoS) attacks. (1) CHARGEN and ECHO are services provided by some UNIX servers. For every UDP packet arriving at port 19, CHARGEN sends back a packet with 0 to 512 random characters. For every UDP packet arriving at port 7, ECHO sends back a packet with the same content. Mallory wants to perform a DoS attack on two servers. One with IP address M supports CHARGEN, and another with IP address N supports ECHO. Mallory can spoof IP addresses. Is it possible to create a single UDP packet with no content which will cause both servers to consume a large amount of bandwidth? If yes, describe the header (i.e., source IP, destination IP, source port, and destination port) of your UDP package; otherwise, explain why? Assume now that CHARGEN and ECHO are now modified to only respond to TCP packets (post-handshake) and not UDP. Is it possible to create a single TCP SYN packet with no content which will cause…
Question 10 The following figure shows a scenario of insertion attack in which packet "O" has a bad checksum. Why does NIDS let the packet pass through? Question options: NIDS cannot detect the packet "O" NIDS is not allowed to check the checksum of each packet NIDS does not check single letter packet NIDS is not programmed to validate the checksum of each packet. Question 13 What is the purpose of the following traffic? Question options: discover open UDP ports discover open services discover open ICMP ports discover live hosts
Assume a web server can only receive TCP connections on port 80 (HTTP) and 22 (SSH), but not on any other ports. The web server can only establish connection to a database server hosted on private IP 192.168.100.100 on port 3000, but to no other machines inside or outside the network. Imagine this web server is running Linux, and we’re using iptables to define host-based firewall rules for it. Show the set of iptables commands to install necessary rules for this security policy.
Write down two firewall rules on the router using the format below (network interface, protocol, flag, source IP or CIDR, source port, destination IP or CIDR, destination port, action) Rule1: block all of the incoming pings sent to the 172.20.241.0/24 subnet; Rules2: block all of the outgoing pings to any computers outside of the 172.20.241.0/24 subnet. What network attacks can the above firewall rules potentially protect against? Please identify one example of these attacks. Explain how this attack can be conducted and how this attack can be blocked using the rules above. For the file rules in Q4.1, is it for stateful inspection or non-stateful inspection (2pts)? Can a non-stateful inspection firewall detect TCP SYN Flood attack? Why or Why not?
Add a DHCP server to the network with network ID of 223.12.12.0/24. Configure the DHCP server so that it provide IP addresses to all the PCs inside all the subnetworks. Describe step by step process of the DHCP configuration and add screenshot of successful DHCP calls from PC3,PC4,PC5.
Which layer 2 attacks can result in the denial of access to assigned IP addresses for legitimate users? The phenomenon of DHCP depletion MAC address flooding is a technique used in computer networking to overwhelm a switch's MAC address table. The topic of discussion is DHCP spoofing and ARP spoofing.
COM Assume a web browser at a client host (212.13.14.16) wants to send a message to a web server (156.10.10.2) but a firewall at the client's gateway (212.13.14.1) is configured to block all outgoing packets to 156.10.10.2. The client does have access to a VPN application (similar to the one used in the labs) and can use it to connect to a VPN server (130.16.10.2). Describe how the client should set up a tunnel to bypass the firewall so that the web browser can send a message to the web server (156.10.10.2). You must trace the pathway of the message originating at the web browser on the client host and headed to the VPN server explaining how it traverses through different layers (application, transport, network etc.) in the client host and finally reaches the VPN server application. You must also trace the relevant hops (i.e., the IP addresses) the packet navigates through along the way. You need not trace the reply message and you also don't need to focus on the encryption details.…
Hi Just need answer, no need explanation What kind of firewall only checks packet header information in individual packets to make decisions? Circuit-level gateway Application proxy Guard Screening router What kind of IDS builds a model of acceptable behavior so it can flag exceptions? Signature based Misuse based Host based Anomaly based What kind of firewall operates at OSI Layer 5 and can be used to implement a VPN? Circuit-level gateway Application proxy Guard Screening router What kind of firewall can correlate data across packets? Circuit-level gateway Application proxy Stateful inspection Screening router Software that aggregates security event data from multiple sources across a network is called a(n) ___________. IDS SIEM Honeypot IPS
A Smurf attack could be described using which of the following statements? Very large email attachments are sent to the victim’s email address Continually polling all possible Transmission Control Protocol and User Datagram Protocol ports to prevent legitimate connections Sending numerous SYN packets to a server and not replying to the resultant SYN/ACK packets An ICMP Type 8 (ECHO) packet with a spoofed source address is sent to the broadcast address of a large network; each member of that large network responds with an echo response packet to the spoofed source address, which floods the victim