CISSP Introduction Module

CISSP Module 01

CISSP Module 02

CISSP Module 03

CISSP Module 04

CISSP Module 05

CISSP Module 06

CISSP Module 07

CISSP Module 08

CISSP Module 09

Part 07 – Layer 3 Protocols and Attacks

Invite Friends
Facebook Twitter Google+ LinkedIn Email
Virtual Practice Lab
Practice Test
Part 07 – Layer 3 Protocols and Attacks

As the title of this section implies, we look exclusively at the protocols at layer 3 and the multitude of threats targeting them. Layer 3 protocols are commonly referred to as the ‘I’ protocols, though this isn’t completely accurate, it suffices for the scope of the CISSP exam.

In addition to the IP addressing protocol at layer 3, there is the”IP Helper” protocol ICMP and its various messages that are used by networking diagnostic utilities such as ping and traceroute. We point out that this protocol and its associate messages remains a double-edged sword that is frequently exploited by attackers. We then go on to examine some of the major layer 3 protocol threats.

We’ll look at Loki attacks which create a convert channel for sneaking data through in the ICMP header. And no discussion of layer 3 threats would be complete without mentioning smurf and DDoS attacks utilizing spoofed ping requests. These may be shopworn attacks that savvy network admins thwart by blocking incoming ICMP messages and directed broadcasts, however, they are still quite prevalent and their impact is no less devastating to their hapless victims.

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.


Upcoming Industry Events

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge



How to Evade AV with OWASP-ZSC – Part 1
Views: 484 / January 20, 2018
Tracking IP info with its Metadata
Views: 1174 / January 19, 2018
UNMASKED: Skygofree, FISA, and Google
Views: 777 / January 19, 2018
Error Based Injection
Views: 1721 / January 18, 2018
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?