A network administrator notices unexpected traffic on the network that is identical to valid service requests from earlier in the day. What type of attack should the administrator be concerned about and what is a primary countermeasure to prevent such an attack?
The traffic pattern is characteristic of a brute force attack, and the administrator should implement account lockout policies.
The administrator is likely witnessing a man-in-the-middle attack and should implement encryption between the endpoints.
This seems to be indicative of a denial-of-service attack, and employing increased bandwidth and firewall rules can help mitigate it.
The network administrator should be concerned about a replay attack and can use sequence numbers or time stamps to prevent such attacks.
This scenario describes a replay attack, where an attacker eavesdrops on a network, captures a valid transmission (like a request for service or authentication token), and then re-transmits it later to perform unauthorized actions. To prevent replay attacks, sequence numbers or time stamps are often utilized in the communication protocol, as these can ensure that old communications cannot be reused effectively since their sequence or time stamp would be out of the valid range for current communications.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a replay attack?
Open an interactive chat with Bash
How do sequence numbers help prevent replay attacks?
Open an interactive chat with Bash
What role do time stamps play in preventing replay attacks?