14.7 Session Hijacking
Which of the following are protocols included in the IPsec architecture?
IKE, AH, and ESP
Which of the following describes a session ID?
A unique token that a server assigns for the duration of a client's communications with the server.
Jason, an attacker, has manipulated a client's connection to disconnect the real client and allow the server to think that he is the authenticated user. Which of the following describes what he has done?
Active hijacking
Which of the following best describes the process of using prediction to gain session tokens in an application-level hijacking attack?
Collect several session IDs that have been used before and then analyze them to determine a pattern.
Which of the following protocols is one of the most common methods used to protect packet information and defend against network attacks in VPNs?
IPsec
Which term describes the process of sniffing traffic between a user and server, then redirecting the traffic to the attacker's machine, where malicious traffic can be forwarded to either the user or server?
Man-in-the-middle
Which of the following is characterized by an attacker using a sniffer to monitor traffic between a victim and a host?
Passive hijacking
While performing a penetration test, you captured a few HTTP POST packets using Wireshark. After examining the selected packet, which of the following concerns or recommendations will you include in your report?
Passwords are being sent in clear text.
Your network administrator has set up training for all users regarding clicking on links in emails or instant messages. Which of the following is your network administrator attempting to prevent?
Session fixation
A certain attack task includes five steps as follows: (1) Sniff the traffic between the target computer and the server. (2) Monitor traffic with the goal of predicting the packet sequence numbers. (3) Desynchronize the current session. (4) Predict the session ID and take over the session. (5) Inject commands to target the server.
Session hijacking