978-0840020932 Chapter 8

Type Homework Help

Pages 3

Words 919

Textbook Computer Security and Penetration Testing 2nd Edition

Authors Alfred Basta, Nadine Basta, PhD CISSP CISA Mary Brown

Unlock document.

This document is partially blurred.

Unlock all pages and 1 million more documents.

Get Access

Chapter 8: Session Hijacking

TRUE/FALSE

1. Hijacking differs from spoofing in that the takeover occurs during an authenticated session.

2. A TCP session can be hijacked only before the hosts have authenticated successfully.

3. A successful hijacking takes place when a hacker intervenes in a TCP conversation and then takes the

role of either host or recipient.

4. Hunt performs sniffing in addition to session hijacking.

5. Since UDP does not have many error recovery features, it is more resistant to hijacking.

MULTIPLE CHOICE

1. TCP works with ____ to manage data packets on the network.

ARP

FIN

SSH

2. A TCP connection can be broken either by exchanging the FIN packets or by sending ____ packets.

ACK

STP

END

RST

3. ____ solves the ACK storm issue and facilitates TCP session hijacking.

SSL

Packet blocking

Storm watching

Encryption

4. A route table has two sections: the active routes and the ____.

close routes

alternate routes

active connections

passive routes

5. A(n) ____ on a computer stores the IP address and the corresponding MAC address.

IP table

UDP table

TCP table

ARP table

COMPLETION

1. _________________________ occurs when a hacker takes control of a TCP session between two hosts.

2. ____________________ is a debugging technique that allows packets to explicitly state the route they

will follow to their destination rather than follow normal routing rules.

3. A(n) ____________________ shows the way to the address sought, or the way to the nearest source that

might know the address.

4. ____________________ was developed by Pavel Krauz, inspired by Juggernaut, another session

hijacking tool.

5. ____________________ refers to setting an IDS rule to watch for abnormal increases in network traffic

and to alert the security officer when they occur.

SHORT ANSWER

1. Describe the three-way handshake authentication method of TCP.

2. How can you stop a continuous ACK transfer by resynchronizing the client and server?

3. Describe the reason why an ACK storm happens.

4. What happens if a route table cannot find a match?

5. What are the methods used by hackers to modify a route table?

Trusted by Thousands of
Students

Here are what students say about us.

Albert

University of Michigan

“I found almost every finance case study paper for my MBA courses.”.

Anna

University of Massachutsetts

“Wow! Solution manual for 3 out of 4 courses.”.

Collins

Jacksonville State University

“One-stop shop for college students. I passed all my exams thanks to Coursepaper”.

Jill

Boston University

“A helpful studying resources, a combination of all studying material in one place”.

Drake

Clark Atlanta University

“I graduated thanks to Coursepaper”.

Karen

College of Charleston

“I invested in Coursepaper, and it is paid off after the first semester. I got straight A”.

Hill

Concordia University Irvine

“Awesome awesome awesome site”.

Rachel

Coppin State University

“The one website that I recommend to every college students”.

978-0840020932 Chapter 8

Unlock document.

Trusted by Thousands of
Students

Albert

Anna

Collins

Jill

Drake

Karen

Hill

Rachel

Kristopher

Resources

Company

Legal

978-0840020932 Chapter 8

Unlock document.

Trusted by Thousands ofStudents

Albert

Anna

Collins

Jill

Drake

Karen

Hill

Rachel

Kristopher

Resources

Company

Legal

Trusted by Thousands of
Students