Ethical Hacker 10.2.14
As the cybersecurity specialist for your company, you have used Wireshark to check for man-in-the-middle DHCP spoofing attacks using the bootp filter. After examining the results, what is your best assessment?
A man-in-the-middle spoofing attack is possible due to two DHCP ACK packets.
Jason, an attacker, has manipulated a client's connection to disconnect the real client and allow the server to think that he is the authenticated user. Which of the following describes what he has done?
Active hijacking
Your network administrator has set up training for all the users regarding clicking on links in emails or instant messages. Which of the following is your network administrator attempting to prevent?
Session fixation
Which of the following describes a session ID?
A unique token that a server assigns for the duration of a client's communications with the server.
Which of the following best describes the process of using prediction to gain session tokens in an Application level hijacking attack?
Collect several session IDs that have been used before and then analyze them to determine a pattern.
Which of the following is characterized by an attacker using a sniffer to monitor traffic between a victim and a host?
Passive hijacking
A penetration tester discovers a vulnerable application and is able to hijack a website's URL hyperlink session ID. The penetration tester is able to intercept the session ID; when the vulnerable application sends the URL hyperlink to the website, the session IDs are embedded in the hyperlink. Which of the following types of session hijacking countermeasures is the penetration tester using?
Session fixation attack
Which of the following tasks is being described?
Session hijacking
Which of the following protocols is one of the most common methods used to protect packet information and defend against network attacks in VPNs?
IPsec
While performing a penetration test, you captured a few HTTP POST packets using Wireshark. After examining the selected packet, which of the following concerns or recommendations will you include in your report?
Passwords are being sent in clear text.
Which term describes the process of sniffing traffic between a user and server, then re-directing the traffic to the attacker's machine, where malicious traffic can be forwarded to either the user or server?
Man-in-the-middle
Which of the following are protocols included in the IPsec architecture?
IKE, AH, and ESP
