10.2.14 Practice Questions Flashcards

1
Q

Which of the following tasks is being described?

Sniff the traffic between the target computer and the server.
Monitor traffic with the goal of predicting the packet sequence numbers.
Desynchronize the current session.
Predict the session ID and take over the session.
Inject commands to target the server.
answer

Cookie hijacking

Application hijacking

Passive hijacking

Session hijacking

A

Session hijacking

2
Q

Which of the following describes a session ID?

answer

The destination IP address of an encrypted packet sent from a server to a client.

A unique token that a server assigns for the duration of a client’s communications with the server.

The source IP address of an encrypted packet sent from a server to a client.

The symmetric key used to encrypt and decrypt communications between a client and a server.

A

A unique token that a server assigns for the duration of a client’s communications with the server.

3
Q

Which of the following is characterized by an attacker using a sniffer to monitor traffic between a victim and a host?

answer

Session key

Passive hijacking

Session ID

Active hijacking

A

Passive hijacking

4
Q

Jason, an attacker, has manipulated a client’s connection to disconnect the real client and allow the server to think that he is the authenticated user. Which of the following describes what he has done?

answer

Cross-site scripting

Active hijacking

Passive hijacking

Session sniffing

A

Active hijacking

4
Q

Which of the following best describes the process of using prediction to gain session tokens in an application-level hijacking attack?

answer

Collect several session IDs that have been used before and then analyze them to determine a pattern.

Obtain a user’s HTTP cookies to collect session IDs embedded within the file to gain access to a session.

Convince the victim system that you are the server so you can hijack a session and collect sensitive information.

Review a user’s browsing history to enter a previously used URL to gain access to an open session.

A

Collect several session IDs that have been used before and then analyze them to determine a pattern.

5
Q

An illustration of a series of packets captured with Wireshark, using a filter.

As the cybersecurity specialist for your company, you have used Wireshark to check for man-in-the-middle DHCP spoofing attacks using the bootp filter. After examining the results, what is your best assessment?

answer

A man-in-the-middle spoofing attack is possible due to the DHCP Offer packet captured from the hacker.

A man-in-the-middle spoofing attack is possible due to two DHCP ACK packets.

Two man-in-the-middle spoofing attacks were captured.

No man-in-the-middle spoofing attacks are currently present.

A

A man-in-the-middle spoofing attack is possible due to two DHCP ACK packets.

5
Q

Which term describes the process of sniffing traffic between a user and server, then redirecting the traffic to the attacker’s machine, where malicious traffic can be forwarded to either the user or server?

answer

Cross-site scripting

DNS spoofing

Man-in-the-middle

Session hijacking

A

Man-in-the-middle

6
Q

An illustration of a series of packets captured with Wireshark, using a filter.

While performing a penetration test, you captured a few HTTP POST packets using Wireshark. After examining the selected packet, which of the following concerns or recommendations will you include in your report?

answer

Keep-alive connections are being used.

Passwords are being sent in clear text.

The urgent pointer flag is set to 0.

The checksum is unverified.

A

Passwords are being sent in clear text.

7
Q

Which of the following protocols is one of the most common methods used to protect packet information and defend against network attacks in VPNs?

answer

IPsec

ECC

SYN

BLE

A

IPsec

8
Q

A penetration tester discovers a vulnerable application and is able to hijack a website’s URL hyperlink session ID. The penetration tester is able to intercept the session ID; when the vulnerable application sends the URL hyperlink to the website, the session IDs are embedded in the hyperlink. Which of the following types of session hijacking countermeasures is the penetration tester using?

answer

TCP/IP session hijacking

Man-in-the-middle attack

UDP session hijacking

Session fixation attack

A

Session fixation attack

8
Q

Which of the following are protocols included in the IPsec architecture?

answer

IKE, AH, and ACK

SIP, AH, and ESP

IKE, AH, and ESP

SIP, AH, and ACK

A

IKE, AH, and ESP

9
Q

Your network administrator has set up training for all the users regarding clicking on links in emails or instant messages. Which of the following is your network administrator attempting to prevent?

answer

DNS spoofing

Packet filtering

Packet sniffing

Session fixation

A

Session fixation
