SSCP Question #1294: Real Exam Question with Answer & Explanation

Question

Sandra has used Ethereal, a packet sniffer, to listen in on network transmissions. She has captured several passwords. What type of attack has been performed on her network?

Options

• AAn active attack
• BA man-the-middle attack
• CA session hijacking
• DA privilege escalation attack
• EAn illicit server attack

Explanation

By using a packet sniffer like Ethereal to capture passwords from network transmissions, Sandra has performed a man-in-the-middle (MitM) attack, positioning herself to eavesdrop and intercept communications.

Common mistakes.

• A. An active attack involves modifying or disrupting data, whereas simply sniffing passwords is typically a passive interception, though it can precede active exploitation. While 'man-in-the-middle' is a more specific and accurate classification.
• C. Session hijacking involves taking over an authenticated session, which is a subsequent step to capturing credentials, not the act of capturing them itself through sniffing.
• D. A privilege escalation attack involves gaining higher access rights within a system, which is a different objective and technique than passively capturing passwords from the network.
• E. An 'illicit server attack' is not a standard or commonly recognized category of network attack.

Concept tested. Man-in-the-middle (MitM) attack

Reference. https://www.cisco.com/c/en/us/products/security/what-is-man-in-the-middle-attack-mitm.html

No community discussion yet for this question.