which of the following attacks is the company being subjected to?

You work as a Network Administrator for SpyNet Inc. The company has a Windows-based network.
You have been assigned the task of auditing the scheduled network security. After a regular
audition, you suspect that the company is under attack by an intruder trying to gain access to the
company’s network resources. While analyzing the log files, you find that the IP address of the
intruder belongs to a trusted partner company. Assuming this situation, which of the following
attacks is the company being subjected to?

You work as a Network Administrator for SpyNet Inc. The company has a Windows-based network.
You have been assigned the task of auditing the scheduled network security. After a regular
audition, you suspect that the company is under attack by an intruder trying to gain access to the
company’s network resources. While analyzing the log files, you find that the IP address of the
intruder belongs to a trusted partner company. Assuming this situation, which of the following
attacks is the company being subjected to?

A.
Spoofing

B.
Man-in-the-middle

C.
CookieMonster

D.
Phreaking

Explanation:
Spoofing is a technique that makes a transmission appear to have come from an authentic source by
forging the IP address, email address, caller ID, etc. In IP spoofing, a hacker modifies packet headers
by using someone else’s IP address to hide his identity. However, spoofing cannot be used while
surfing the Internet, chatting on-line, etc. because forging the source IP address causes the
responses to be misdirected.

Answer B is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an
intermediary software or program between two communicating hosts. The intermediary software or
program allows attackers to listen to and modify the communication packets passing between the
two hosts. The software intercepts the communication packets and then sends the information to
the receiving host. The receiving host responds to the software, presuming it to be the legitimate
client.

Answer C is incorrect. A CookieMonster attack is a man-in-the-middle exploit where a third party
can gain HTTPS cookie data when the ‘Encrypted Sessions Only’ property is not properly set. This
could allow access to sites with sensitive personal or financial information. Users of the World Wide
Web can reduce their exposure to CookieMonster attacks by avoiding websites that are vulnerable
to these attacks. Certain web browsers make it possible for the user to establish which sites these
are. For example, users of the Firefox browser can go to the Privacy tab in the Preferences window,
and click on ‘Show Cookies.’ For a given site, inspecting the individual cookies for the top level name
of the site, and any subdomain names, will reveal if ‘Send For: Encrypted connections only,’ has been
set. If it has, the user can test for the site’s vulnerability to CookieMonster attacks by deleting these
cookies and visiting the site again. If the site still allows the user in, the site is vulnerable to
CookieMonster attacks.

Answer D is incorrect. Phreaking is a process used to crack the phone system. The main aim of
phreaking is to avoid paying for long-distance calls. As telephone networks have become
computerized, phreaking has become closely linked with computer hacking. This is sometimes called
the H/P culture (with H standing for Hacking and P standing for Phreaking).



Leave a Reply 0

Your email address will not be published. Required fields are marked *