nerdexam
EC-Council

312-50V9 · Question #549

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the w

The correct answer is C. A man in the middle attack. Susan intercepts, modifies, and forwards traffic between her boss and the file server without either party's knowledge, which is the definition of a man-in-the-middle attack.

Session Hijacking

Question

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory. What kind of attack is Susan carrying on?

Options

  • AA sniffing attack
  • BA spoofing attack
  • CA man in the middle attack
  • DA denial of service attack

How the community answered

(22 responses)
  • A
    5% (1)
  • B
    9% (2)
  • C
    73% (16)
  • D
    14% (3)

Why each option

Susan intercepts, modifies, and forwards traffic between her boss and the file server without either party's knowledge, which is the definition of a man-in-the-middle attack.

AA sniffing attack

A sniffing attack is purely passive - the attacker only captures and reads traffic without modifying or relaying it between parties.

BA spoofing attack

A spoofing attack involves impersonating an identity such as an IP or MAC address, but does not require intercepting and modifying live traffic in transit between two parties.

CA man in the middle attackCorrect

In a man-in-the-middle attack, the attacker positions herself between two communicating parties - here Susan synchronized sessions between the boss and the file server. She intercepted the boss's traffic, altered its contents, and forwarded the modified data to the server, with neither endpoint aware of her presence or interference.

DA denial of service attack

A denial of service attack aims to make a resource unavailable to legitimate users, not to intercept and alter communications.

Concept tested: Man-in-the-middle attack definition and mechanics

Source: https://owasp.org/www-community/attacks/Man-in-the-middle_attack

Topics

#man-in-the-middle#session hijacking#traffic interception#session synchronization

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice