(Choose two)

Bob, an Administrator at XYZ was furious when he discovered that his buddy Trent, has launched
a session hijack attack against his network, and sniffed on his communication, including
administrative tasks suck as configuring routers, firewalls, IDS, via Telnet.
Bob, being an unhappy administrator, seeks your help to assist him in ensuring that attackers such
as Trent will not be able to launch a session hijack in XYZ.
Based on the above scenario, please choose which would be your corrective measurement
actions. (Choose two)

Bob, an Administrator at XYZ was furious when he discovered that his buddy Trent, has launched
a session hijack attack against his network, and sniffed on his communication, including
administrative tasks suck as configuring routers, firewalls, IDS, via Telnet.
Bob, being an unhappy administrator, seeks your help to assist him in ensuring that attackers such
as Trent will not be able to launch a session hijack in XYZ.
Based on the above scenario, please choose which would be your corrective measurement
actions. (Choose two)

A.
Use encrypted protocols,like those found in the OpenSSH suite.

B.
Implement FAT32 filesystem for faster indexing and improved performance.

C.
Configure the appropriate spoof rules on gateways (internal and external).

D.
Monitor for CRP caches,by using IDS products.

Explanation:
First you should encrypt the data passed between the parties; in particular the
session key. This technique is widely relied-upon by web-based banks and other e-commerce
services,because it completely prevents sniffing-style attacks. However,it could still be possible to
perform some other kind of session hijack. By configuring the appropriate spoof rules you prevent
the attacker from using the same IP address as the victim as thus you can implement secondary
check to see that the IP does not change in the middle of the session.



Leave a Reply 1

Your email address will not be published. Required fields are marked *