SY0-501 · Question #168
SY0-501 Question #168: Real Exam Question with Answer & Explanation
The correct answer is C: Replay attack. The described scenario, where an attacker captures legitimate transaction packets and retransmits them to repeat an action, is characteristic of a replay attack.
Question
An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then user a function of the sniffer to push those packets back onto the network again, adding another $20 to the gift card. This can be done many times. Which of the following describes this type of attack?
Options
- AInteger overflow attack
- BSmurf attack
- CReplay attack
- DBuffer overflow attack
- ECross-site scripting attack
Explanation
The described scenario, where an attacker captures legitimate transaction packets and retransmits them to repeat an action, is characteristic of a replay attack.
Common mistakes.
- A. An integer overflow attack occurs when a program attempts to store a numeric value larger than the data type allocated to it, leading to incorrect calculations or memory corruption, which is not what is depicted here.
- B. A Smurf attack is a type of Distributed Denial of Service (DDoS) attack that uses ICMP echo requests with a spoofed source IP to flood a target, not related to retransmitting transaction data.
- D. A buffer overflow attack involves writing more data to a buffer than it can hold, overwriting adjacent memory and potentially executing malicious code, which is different from replaying network traffic.
- E. A cross-site scripting (XSS) attack involves injecting malicious client-side scripts into web pages to be executed by other users, primarily targeting web application vulnerabilities rather than network packet retransmission.
Concept tested. Network replay attack identification
Reference. https://learn.microsoft.com/en-us/windows/win32/secauthn/replay-attacks
Community Discussion
No community discussion yet for this question.