CERTIFIED-IN-CYBERSECURITY Question #170: Real Exam Question with Answer & Explanation
The correct answer is D: Use an IPSec VPN. A replay attack is when an attacker captures and resends (i.e. "replays") authenticated messages (see ISC2 Study Guide, chapter 4, module 2). An IPSec VPN can prevent a replay attack because it tracks packet sequencing and includes the sender's signature on all packets; therefore
Question
The BEST defense method to stop a 'Replay Attack' is to:
Options
- A. Use message digesting
- B. Use password authentication
- C. Use a Firewall
- D. Use an IPSec VPN
Explanation
A replay attack is when an attacker captures and resends (i.e. "replays") authenticated messages (see ISC2 Study Guide, chapter 4, module 2). An IPSec VPN can prevent a replay attack because it tracks packet sequencing and includes the sender's signature on all packets, thereby preventing forged packets. Message digesting is ineffective in preventing resends (and thus also replay attacks), since it doesn't matter whether the attacker can read or decipher the original message and key: all they would have to do is resend the message and key together. One-time passwords can be used as a temporary session key, known to both the sender and the receiver, that cannot be reused; although related, the concept 'password authentication' refers to a means of identifying a user to a given system, and this is different from a one-time password. Firewalls are devices that filter inbound Internet traffic, and they are ineffective against replay attacks inside a network.
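The difference between an integrity check alone and sequence tracking, as an added example that is not from the original page or from any IPsec implementation: a simplified receiver that authenticates each packet and accepts every sequence number at most once through a sliding window. The names `seal`, `authentic` and `AntiReplayReceiver`, the sample key and the 64-packet window are assumptions made for illustration, and an HMAC stands in for the per-packet authentication the explanation calls the sender's signature.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # constructed sample key, not a real secret
WINDOW = 64                    # window size in packets (assumed for this sketch)
TAG_LEN = 32                   # HMAC-SHA256 output length

def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: 32-bit sequence number + payload, then an HMAC over both."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def authentic(packet: bytes, key: bytes = KEY) -> bool:
    """Integrity check only: true for any unmodified packet, replayed or not."""
    if len(packet) < 4 + TAG_LEN:
        return False
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    return hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest())

class AntiReplayReceiver:
    """Accepts each authenticated sequence number at most once."""

    def __init__(self) -> None:
        self.highest = 0  # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence (highest - i) already accepted

    def accept(self, packet: bytes) -> bool:
        if not authentic(packet):
            return False                    # forged or modified packet
        seq = struct.unpack("!I", packet[:4])[0]
        if seq == 0:
            return False                    # this sketch numbers packets from 1
        if seq > self.highest:              # newer packet: slide the window
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= WINDOW:
            return False                    # too old to track, so drop it
        if self.bitmap & (1 << offset):
            return False                    # already accepted: a replay
        self.bitmap |= 1 << offset          # late but new: accept exactly once
        return True
```

A captured packet still passes `authentic` every time it is resent, which is why a digest by itself does not stop a replay; `AntiReplayReceiver.accept` returns `False` on the second copy.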