Ethical Hacking 12a Flashcards
At what layer do routers allow the datagram to hop from the source to the destination, one hop at a time?
network
What does an attacker have to predict or guess in a blind hijacking attack?
the sequence number that a host sends
A client has asked you to evaluate their web application. Upon using the application, you notice that user session data appears in the URL. What is the web application doing?
The web application is using GET requests to pass session data.
Which term refers to the exploitation of a valid computer communication during which an attacker takes over the conversation between two computers?
Session Hijacking
Your client has come to you requesting that you assit the implementation of session hijacking countermeasures. What approaches are valid for this request?
Minimize remote access, and require strong authentication and encryption use for all VPNs.
Allow limited incoming connections and only from known trusted IP addresses.
When conducting a TCP/IP hijacking, what type of attack has the attacker adding an authentic-looking reset packet?
RST Hijacking
At what point during a TCP communication session does the client enter the established state?
It is established after the client acknowledges the server sequence number by incrementing it and setting the ACK flag.
In application-level hijacking, the session IDs can be obtained using a man-in-the-middle situation, which is referred to as what technique?
Sniffing
Which of the following is a process that allows the sender to specify a specific route for an IP packet to take to the destination?
Source routing
After monitoring and sniffing a client’s network activity, you discover that communication between one server and another host appears to be source routed. How can you take advantage of this fact?
You can spoof the trusted host’s IP address and then utilize the source routing to trick the server into believing your workstation is the trusted host.
What statement accurately describes how blind hijacking works with TCP?
In blind hijacking, an attacker must succeed in predicting or guessing the TCP sequence numbers of packets.
Which type of hijacking is a hacking technique that uses spoofed packets to take over a connection between a victim and a target machine?
TCP/IP
During which stage of a session hijacking does the attacker change the sequence number or the acknowledgment number of the server?
Desynchronizing the connection
In what type of exploitation does an attacker steal a valid session ID and use it to get into the system to extract data?
Session hijacking
Which layer communicates with the physical hardware and is responsible for the delivery of signals from the source to the destination over a physical communication platform?
data link
