03 Laboratory Exercise 1
Cybersecurity threats are classified into two categories: passive and active
attacks. In a passive attack, no data is modified, and the target is unaware of it unless
they have a mechanism in place to track and secure machine identities. During an
active attack, system resources and data are changed or otherwise damaged,
causing the system to stop operating normally. While an active attack is more likely to
be detected than a passive attack, the root cause of active attacks is difficult to pinpoint
without careful monitoring and security of human and computer identities.
2. Compare and contrast active and passive attacks.
In a passive attack, an attacker monitors a system's and network's communications
and searches for open ports and other vulnerabilities. They might, for example, take
advantage of an unpatched system or a security device's expired certificate. Once an
attacker has gained access to the network, they may gather data in a variety of ways. In
a passive footprinting attack, the attacker may try to gather as much information as
possible in order to use it later to attack the target device or network. An active attack
involves compromising a user or network using information obtained during a passive
attack.
Active attacks come in a number of forms. In a masquerade attack, an attacker
impersonates another user in order to gain access to a system's restricted area. In a
replay attack, an attacker steals a packet from the network and sends it to a service or
device as if the intruder were the user who sent the packet in the first place. Active
attacks also include denial-of-service (DoS) and distributed denial-of-service (DDoS)
attacks, which both operate by preventing authorized users from accessing a particular
resource on a network or the internet.
3. What are your recommendations to prevent these attacks?
For passive attacks, messages should be scrambled using encryption methods,
rendering them unreadable to any unintended recipients. In this case, two forms of
encryption can be used: symmetric-key and public-key encryption. Also, avoid
publicly sharing confidential information (such as private and business information) that
could be used by outside hackers to gain access to your private network.
For active attacks, on the other hand, a random session key that is only valid
for one transaction at a time can be created, effectively preventing a malicious user
from re-transmitting the original message after the original session has ended.
Authenticating transactions and sessions between interacting parties is easier with
one-time passwords. This ensures that even if an intruder is successful in recording and
retransmitting the intercepted message, the password associated with it will have
expired by then. The Kerberos authentication protocol (commonly found in
Microsoft Windows Active Directory) can also be used, as it includes a number of
countermeasures for various forms of replay attacks.
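
The single-use, expiring session key described above can be sketched as follows. This is an added example, not part of the original lab answer; the names `ReplayGuard`, `sign` and `demo`, the 30-second lifetime and the sample message are assumptions, and the session key is assumed to reach the client over an already-secured channel.

```python
import hashlib
import hmac
import secrets
import time


def sign(key: bytes, message: bytes) -> bytes:
    """Client side: authenticate one message under the session key."""
    return hmac.new(key, message, hashlib.sha256).digest()


class ReplayGuard:
    """Server side: each session key authenticates exactly one message."""

    def __init__(self, ttl_seconds=30.0, clock=time.monotonic):
        self.ttl = ttl_seconds
        self.clock = clock
        self.sessions = {}  # session_id -> (key, expiry time)

    def open_session(self):
        session_id, key = secrets.token_hex(8), secrets.token_bytes(32)
        self.sessions[session_id] = (key, self.clock() + self.ttl)
        return session_id, key

    def verify(self, session_id, message, tag):
        entry = self.sessions.get(session_id)
        if entry is None:
            return "rejected: unknown or already-used session"
        key, expiry = entry
        if self.clock() > expiry:
            del self.sessions[session_id]
            return "rejected: session expired"
        if not hmac.compare_digest(sign(key, message), tag):
            return "rejected: bad tag"  # key kept: a forger cannot burn it
        del self.sessions[session_id]  # success consumes the key
        return "accepted"


def demo():
    now = [0.0]  # controllable clock so the expiry case is deterministic
    guard = ReplayGuard(ttl_seconds=30.0, clock=lambda: now[0])
    message = b"transfer 100 to account 42"  # constructed sample message
    sid, key = guard.open_session()
    tag = sign(key, message)
    first = guard.verify(sid, message, tag)    # legitimate delivery
    replay = guard.verify(sid, message, tag)   # same capture sent again
    sid2, key2 = guard.open_session()
    now[0] += 31.0                             # capture held past the TTL
    late = guard.verify(sid2, message, sign(key2, message))
    return first, replay, late
```

The replayed copy carries a valid tag, yet it is refused because the key it was signed under no longer exists on the server.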