Cisco CCNA mock exam questions sample test – Question 125

.From which of the following attacks can Message Authentication Code (MAC) shield your network?

A. DoS
B. DDoS
C. spoofing
D. SYN floods

Correct Answer: C

Explanation:
Message Authentication Code (MAC) can shield your network from spoofing attacks. Spoofing, also known as masquerading, is a popular trick in which an attacker intercepts a
network packet, replaces the source address of the packets header with the address of the authorized host, and reinserts fake information which is sent to the receiver. This type of
attack involves modifying packet contents. MAC can prevent this type of attack and ensure data integrity by ensuring that no data has changed. MAC also protects against frequency
analysis, sequence manipulation, and ciphertext-only attacks.
MAC is a secure message digest that requires a secret key shared by the sender and receiver, making it impossible for sniffers to change both the data and the MAC as the receiver
can detect the changes.
A denial-of-service (DoS) attack floods the target system with unwanted requests, causing the loss of service to users. One form of this attack generates a flood of packets requesting
a TCP connection with the target, tying up all resources and making the target unable to service other requests. MAC does not prevent DoS attacks. Stateful packet filtering is the
most common defense against a DoS attack.
A Distributed Denial of Service attack (DDoS) occurs when multiple systems are used to flood the network and tax the resources of the target system. Various intrusion detection
systems, utilizing stateful packet filtering, can protect against DDoS attacks.
In a SYN flood attack, the attacker floods the target with spoofed IP packets and causes it to either freeze or crash. A SYN flood attack is a type of denial of service attack that exploits
the buffers of a device that accept incoming connections and therefore cannot be prevented by MAC. Common defenses against a SYN flood attack include filtering, reducing the
SYN-RECEIVED timer, and implementing SYN cache or SYN cookies.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot basic device hardening
References:
Cisco > The Internet Protocol Journal, Volume 10, No. 4 > IP Spoofing