Join the discussion
Question 1/30
Which of the following protocols is not vulnerable to address spoofing attacks if implemented correctly?
Correct Answer: C
Address spoofing fakes a source address (e.g., IP, MAC) to impersonate or amplify attacks. Analyzing protocol resilience:
C . TCP (Transmission Control Protocol):
Mechanism: Three-way handshake (SYN, SYN-ACK, ACK) verifies both endpoints.
Client SYN (Seq=X), Server SYN-ACK (Seq=Y, Ack=X+1), Client ACK (Ack=Y+1).
Spoofing Resistance: Spoofer must predict the server's sequence number (randomized in modern stacks) and receive SYN-ACK, impractical without session hijacking or MITM.
Correct Implementation: RFC 793-compliant, with anti-spoofing (e.g., Linux tcp_syncookies).
A . UDP:
Connectionless (RFC 768), no handshake. Spoofed packets (e.g., source IP 1.2.3.4) are accepted if port is open, enabling reflection attacks (e.g., DNS amplification).
B . ARP (Address Resolution Protocol):
No authentication (RFC 826). Spoofed ARP replies (e.g., fake MAC for gateway IP) poison caches, enabling MITM (e.g., arpspoof).
D . IP:
No inherent validation at Layer 3 (RFC 791). Spoofed source IPs pass unless filtered (e.g., ingress filtering, RFC 2827).
Security Implications: TCP's handshake makes spoofing harder, though not impossible (e.g., blind spoofing with sequence prediction, mitigated since BSD 4.4). CNSP likely contrasts this with UDP/IP's vulnerabilities in DDoS contexts.
Why other options are incorrect:
A, B, D: Lack handshake or authentication, inherently spoofable.
Real-World Context: TCP spoofing was viable pre-1990s (e.g., Mitnick attack); modern randomization thwarts it.
C . TCP (Transmission Control Protocol):
Mechanism: Three-way handshake (SYN, SYN-ACK, ACK) verifies both endpoints.
Client SYN (Seq=X), Server SYN-ACK (Seq=Y, Ack=X+1), Client ACK (Ack=Y+1).
Spoofing Resistance: Spoofer must predict the server's sequence number (randomized in modern stacks) and receive SYN-ACK, impractical without session hijacking or MITM.
Correct Implementation: RFC 793-compliant, with anti-spoofing (e.g., Linux tcp_syncookies).
A . UDP:
Connectionless (RFC 768), no handshake. Spoofed packets (e.g., source IP 1.2.3.4) are accepted if port is open, enabling reflection attacks (e.g., DNS amplification).
B . ARP (Address Resolution Protocol):
No authentication (RFC 826). Spoofed ARP replies (e.g., fake MAC for gateway IP) poison caches, enabling MITM (e.g., arpspoof).
D . IP:
No inherent validation at Layer 3 (RFC 791). Spoofed source IPs pass unless filtered (e.g., ingress filtering, RFC 2827).
Security Implications: TCP's handshake makes spoofing harder, though not impossible (e.g., blind spoofing with sequence prediction, mitigated since BSD 4.4). CNSP likely contrasts this with UDP/IP's vulnerabilities in DDoS contexts.
Why other options are incorrect:
A, B, D: Lack handshake or authentication, inherently spoofable.
Real-World Context: TCP spoofing was viable pre-1990s (e.g., Mitnick attack); modern randomization thwarts it.
Add Comments
- Other Question (30q)
- Q1. Which of the following protocols is not vulnerable to address spoofing attacks if implemen...
- Q2. The Management Information Base (MIB) is a collection of object groups that is managed by ...
- Q3. According to the screenshot below, which of the following statements are correct? (Exhibit...
- Q4. You are performing a security audit on a company's infrastructure and have discovered that...
- Q5. Which SMB (Server Message Block) network protocol versions are vulnerable to the EternalBl...
- Q6. Which of the following statements regarding Authorization and Authentication is true?...
- Q7. What ports does an MSSQL server typically use?...
- Q8. Which Kerberos ticket is required to generate a Silver Ticket?...
- Q9. What user account is required to create a Golden Ticket in Active Directory?...
- Q10. Where are the password hashes stored in the Linux file system?...
- Q11. Which of the following is an example of a SUID program?...
- Q12. Which of the following is not a DDoS attack?
- Q13. Which of the following files has the SGID permission set? -rwxr-sr-x 1 root root 4096 Jan ...
- Q14. What RID is given to an Administrator account on a Microsoft Windows machine?...
- Q15. How would you establish a null session to a Windows host from a Windows command prompt?...
- Q16. What is the response from a closed TCP port which is behind a firewall?...
- Q17. What is the response from a closed TCP port which is not behind a firewall?...
- Q18. If you find the 111/TCP port open on a Unix system, what is the next logical step to take?...
- Q19. If a hash begins with $2a$, what hashing algorithm has been used?...
- Q20. How many usable TCP/UDP ports are there?
- Q21. In the context of the SSH (Secure Shell) public-private key authentication mechanism, whic...
- Q22. Which of the following commands will work on a Microsoft operating system to add a new dom...
- Q23. Where is the system registry file stored in a Microsoft Windows Operating System?...
- Q24. Which of the following files has the SUID permission set? -rwxr-sr-x 1 root root 4096 Jan ...
- Q25. Which of the following services use TCP protocol?...
- Q26. Which of the following attacks are associated with an ICMP protocol?...
- Q27. You are performing a security audit on a company's network infrastructure and have discove...
- Q28. In the context of a Unix-based system, where does a daemon process execute in the memory?...
- Q29. On a Microsoft Windows operating system, what does the following command do? net localgrou...
- Q30. What kind of files are "Dotfiles" in a Linux-based architecture?...
