312-50V13 · Question #302
Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packets with Bob's IP addr
The correct answer is C. TCP/IP hacking. TCP/IP Hijacking Explained Option C is correct because Samuel performed a TCP/IP hijacking (session hijacking) attack - he intercepted an established TCP session, predicted the Initial Sequence Number (ISN), spoofed Bob's IP address to inject malicious packets, and successfully t
Question
Options
- AUDP hijacking
- BBlind hijacking
- CTCP/IP hacking
- DForbidden attack
How the community answered
(33 responses)- A12% (4)
- B6% (2)
- C79% (26)
- D3% (1)
Explanation
TCP/IP Hijacking Explained
Option C is correct because Samuel performed a TCP/IP hijacking (session hijacking) attack - he intercepted an established TCP session, predicted the Initial Sequence Number (ISN), spoofed Bob's IP address to inject malicious packets, and successfully took over the communication session between Bob and the host machine, which are the defining characteristics of TCP/IP hijacking.
Why the distractors are wrong:
- A (UDP hijacking): UDP is a connectionless protocol with no ISN or sequence numbers; the scenario explicitly involves ISN prediction, which is a TCP mechanism
- B (Blind hijacking): In blind hijacking, the attacker cannot see the responses from the target - Samuel was actively monitoring and intercepting traffic, meaning he had full visibility of the session
- D (Forbidden attack): This is not a recognized standard attack type in ethical hacking/CEH terminology and is simply a distractor
Memory Tip: Think "TCP = Sequence Numbers" - whenever an exam scenario mentions predicting or manipulating ISNs (Initial Sequence Numbers) to take over a session, it's always TCP/IP hijacking. The ISN is your keyword trigger!
Topics
Community Discussion
No community discussion yet for this question.