Certified Ethical Hacker Session Hijacking and Evading IDS Firewalls

Question 1

Which type of session hijacking intercepts a session between two parties without requiring prediction of a sequence number?

Accepted Answer

Passive Hijacking

Answer

Passive hijacking involves monitoring a session to capture sensitive data without actively injecting packets, avoiding detection by not disrupting the session.

Question 2

What is the primary goal of TCP session hijacking?

Accepted Answer

To take over an established TCP connection

Answer

TCP session hijacking aims to take control of an active TCP session by predicting or stealing sequence numbers to inject malicious packets.

Question 3

Which tool is commonly used for session hijacking and man-in-the-middle attacks on a LAN?

Accepted Answer

Ettercap

Answer

Ettercap is a comprehensive suite for man-in-the-middle attacks, capable of sniffing, session hijacking, and filtering live connections on a LAN.

Question 4

What countermeasure best prevents session hijacking caused by predictable session tokens?

Accepted Answer

Using long, randomly generated session IDs

Answer

Long, cryptographically random session IDs are computationally infeasible to predict, preventing attackers from guessing valid session tokens.

Question 5

Which attack technique do attackers use to steal session cookies by injecting a script into a vulnerable web application?

Accepted Answer

Cross-Site Scripting (XSS)

Answer

XSS can be used to inject malicious scripts that read and exfiltrate the victim's session cookies to the attacker's server.

Certified Ethical Hacker Practice Test

Certified Ethical Hacker Practice Test

Certified Ethical Hacker Session Hijacking and Evading IDS Firewalls