After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn’t see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server.
What attacks can you successfully launch against a server using the above technique?
A.
Denial of Service attacks
B.
Session Hijacking attacks
C.
Web page defacement attacks
D.
IP spoofing attacks
Should be D, as there is no existing session that is beeing hijacked.
B is correct. that’s how the session hijacking attack works (in theory).
It opens a second connection from the forged IP,means it is a session Hijacking attack.
“If the source IP address is used for authentication”, means it is a session, and when the hacker open a second connection with this IP, it is a session hijacking attack.
Ans:- B
session hijacking is the rite ans.
Ans:B
Correct Answers: B
It’s not considered easy to pass ECCouncil without any help from exam material. Expert’s guidance is also important as it gives a direction for study. What you read gives you knowledge and how you read brings technicality in you. If you want to get good grades you need to use 312-50 exam dumps for definite success. By using material in PDF form you can pass by the first attempt. https://www.dumps4download.com/itilfnd-dumps.html
Correct Answer: B
https://www.dumps4download.com/312-50-dumps.html