
GCIH Question #54: Real Exam Question with Answer & Explanation

The correct answer is B: Session Hijacking.

Web Application Attacks & Post-Exploitation

Question

Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?

Options

  • A. Dictionary attack
  • B. Session Hijacking
  • C. Trojan horse
  • D. Social Engineering

Explanation

Session hijacking is the attack in which an adversary takes over an active TCP session between a server and a client, and is especially effective against unencrypted protocols like Telnet and FTP that transmit session data in plaintext.

Common mistakes.

  • A. A dictionary attack systematically tries words from a predefined wordlist to crack passwords offline or online and does not involve taking over an already-authenticated network session.
  • C. A Trojan horse is malware that disguises itself as legitimate software to gain unauthorized access to a system and is unrelated to intercepting or hijacking live TCP/IP sessions.
  • D. Social engineering psychologically manipulates individuals into divulging sensitive information or performing actions and involves no technical interception of active network sessions.

Concept tested. Session hijacking against unencrypted TCP/IP protocols

Reference. https://owasp.org/www-community/attacks/Session_hijacking_attack

Topics

session hijacking, TELNET, FTP, unencrypted protocols
