EH CH12 MCQ's

Ace your homework & exams now with Quizwiz!

Jennifer is a junior system administrator for a small firm of 50 employees. For the last week a few users have been complaining of losing connectivity intermittently with no suspect behavior on their part such as large downloads or intensive processes. Jennifer runs Wireshark on Monday morning to investigate. She sees a large amount of ARP broadcasts being sent at a fairly constant rate. What is Jennifer most likely seeing? A. ARP poisoning B. ARP caching C. ARP spoofing D. DNS spoofing

A. ARP poisoning

A session hijack can happen with which of the following? A. Networks and applications B. Networks and physical devices C. Browsers and applications D. Cookies and devices

A. Networks and applications

Julie has been working with sniffing and session-hijacking tools on her company network. Since she wants to stay white hat—that is, ethical—she has gotten permission to undertake these activities. What would Julie's activities be categorized as? A. Passive B. Monitoring C. Active D. Sniffing

A. Passive

A public place workstation contains the browsing history of multiple users who logged in during the last seven days. While digging through the history, a user runs across the following web address: www.snaz22enu.com/&w25/session=22525. What kind of embedding are you seeing? A. URL embedding B. Session embedding C. Hidden form embedding D. Tracking cookie

A. URL embedding

Session fixation is a vulnerability in which of the following? A. Web applications B. Networks C. Software applications D. Protocols

A. Web applications

An ethical hacker sends a packet with a deliberate and specific path to its destination. What technique is the hacker using? A. IP spoofing B. Source routing C. ARP poisoning D. Host routing

B. Source routing

Network-level hijacking focuses on the mechanics of a connection such as the manipulation of packet sequencing. What is the main focus of web app session hijacking? A. Breaking user logins B. Stealing session IDs C. Traffic redirection D. Resource DoS

B. Stealing session IDs

In the following screen shot, what is the plaintext password that was used to create the secured web connection by the client? A. @wERy%9q>[cAF{A7>}rQMV8@=b B. The key cannot be derived. C. 0x0303 D. b99d4098d877458052b57910abb78b259a9b

B. The key cannot be derived.

Which of the following is not a source of session IDs? A. URL B. Cookie C. Anonymous login D. Hidden login

C. Anonymous login

12. Session hijacking can be thwarted with which of the following? A. SSH B. FTP C. Authentication Mechanisms D. Sniffing

C. Authentication Mechanisms

A man-in-the-middle attack is an attack where the attacking party does which of the following? A. Infect the client system B. Infect the server system C. Insert themselves into an active session D. Insert themselves into a web application

C. Insert themselves into an active session

Which statement defines session hijacking most accurately? A. Session hijacking involves stealing a user's login information and using that information to pose as the user later. B. Session hijacking involves assuming the role of a user through the compromise of physical tokens such as common access cards. C. Session hijacking is an attack that aims at stealing a legitimate session and posing as that user while communicating with the web resource or host machine. D. Session hijacking involves only web applications and is specific to stealing session IDs from compromised cookies.

C. Session hijacking is an attack that aims at stealing a legitimate session and posing as that user while communicating with the web resource or host machine.

Julie has sniffed an ample amount of traffic between the targeted victim and an authenticated resource. She has been able to correctly guess the packet sequence numbers and inject packets, but she is unable to receive any of the responses. What does this scenario define? A. Switched network B. SSL encryption C. TCP hijacking D. Blind hijacking

D. Blind hijacking

A session hijack can be initiated from all of the following except which one? A. Emails B. Browsers C. Web applications D. Devices

D. Devices

Session hijacking can be performed on all of the following protocols except which one? A. FTP B. SMTP C. HTTP D. IPsec

D. IPsec

Based on the diagram, what attack is occurring? A. Session splicing B. Denial-of-service C. Source routing D. MITM

D. MITM

Session hijacking can do all of the following except which one? A. Take over an authenticated session B. Be used to steal cookies C. Take over a session D. Place a cookie on a server

D. Place a cookie on a server

A man-in-the-browser attack is typically enabled by using which mechanism? A. Virus B. Worms C. Logic bombs D. Trojans

D. Trojans


Related study sets

N203 Psych midterm (first 147 Q's)/Final practice quiz

View Set

Ch. 11 Quiz: Project Risk Management

View Set

Chapter 61: Management of Patients with Dermatologic Disorders

View Set

Anthropology Exam 3 Quiz Questions

View Set

Chapter 20: Accounting Changes and Error Corrections

View Set

CE Direct hypertensive disorders of pregnancy

View Set

(Mc Graw Hill)Cell Nutrition Ch. 4, 6, 7

View Set

Security+ SY0-601 Domain 1: Attacks, Threats, and Vulnerabilities

View Set

ch 7-Membrane Structure and Function

View Set

BPA Business Law & Ethics ( Fill In The Blank)

View Set

Bio 102 Chapter 52 Mastering Biology

View Set