nerdexam
EC-Council

312-50V10 · Question #377

Which of the following is an example of IP spoofing?

The correct answer is B. Man-in-the-middle. A man-in-the-middle attack is an example of IP spoofing because the attacker forges source IP addresses to impersonate a legitimate host and intercept communications.

Session Hijacking

Question

Which of the following is an example of IP spoofing?

Options

  • ASQL injections
  • BMan-in-the-middle
  • CCross-site scripting
  • DARP poisoning

How the community answered

(47 responses)
  • A
    2% (1)
  • B
    96% (45)
  • C
    2% (1)

Why each option

A man-in-the-middle attack is an example of IP spoofing because the attacker forges source IP addresses to impersonate a legitimate host and intercept communications.

ASQL injections

SQL injection is an input-validation attack targeting database query interpretation; it does not involve forging IP addresses.

BMan-in-the-middleCorrect

In a man-in-the-middle attack, the attacker typically uses IP spoofing to forge the source IP address of packets, making each communicating party believe they are talking directly to the other while the attacker intercepts or modifies traffic. IP spoofing is the mechanism that enables the attacker to masquerade as a trusted endpoint. This makes MITM a direct example of IP-layer identity falsification.

CCross-site scripting

Cross-site scripting (XSS) injects malicious scripts into web pages viewed by other users and operates at the application layer, unrelated to IP address forgery.

DARP poisoning

ARP poisoning is a form of ARP spoofing that falsifies MAC-to-IP mappings at Layer 2 to redirect traffic on a local network segment, which is distinct from IP-layer spoofing.

Concept tested: IP spoofing and man-in-the-middle relationship

Source: https://csrc.nist.gov/glossary/term/ip_spoofing

Topics

#IP spoofing#man-in-the-middle#session interception#network attacks

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice