nerdexam
EC-Council

312-50V11 · Question #647

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the w

The correct answer is C. A man in the middle attack. Susan intercepted, modified, and relayed live traffic between her boss and the file server without detection, which precisely defines a man-in-the-middle attack.

Session Hijacking

Question

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory. What kind of attack is Susan carrying on?

Options

  • AA sniffing attack
  • BA spoofing attack
  • CA man in the middle attack
  • DA denial of service attack

How the community answered

(25 responses)
  • A
    4% (1)
  • C
    88% (22)
  • D
    8% (2)

Why each option

Susan intercepted, modified, and relayed live traffic between her boss and the file server without detection, which precisely defines a man-in-the-middle attack.

AA sniffing attack

A sniffing attack is purely passive and involves only capturing traffic without modification; Susan actively altered the intercepted data, which goes beyond sniffing.

BA spoofing attack

A spoofing attack involves impersonating an identity such as an IP or MAC address, but does not inherently include the live interception, modification, and relay of session traffic that Susan performed.

CA man in the middle attackCorrect

A man-in-the-middle (MITM) attack occurs when an attacker secretly positions themselves between two communicating parties, intercepting and potentially altering data in transit before forwarding it to the intended recipient. Susan synchronized sessions with both the boss and the file server, intercepted his traffic, modified its contents, and delivered the altered data - fulfilling all hallmarks of MITM where neither legitimate party detects the interference.

DA denial of service attack

A denial of service attack aims to disrupt the availability of a service; Susan's objective was data manipulation and unauthorized file placement, not service disruption.

Concept tested: Man-in-the-middle attack characteristics and identification

Source: https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack

Topics

#man-in-the-middle#session synchronization#traffic interception#data modification

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice