Which type of attack occurs when a hacker obtains passwords and other information from legitimate transactions?
A.
Man-in-the-middle attack
B.
Denial-of-service attack
C.
Dictionary attack
D.
Illicit server attack
Explanation:
1D0-470
A man-in-the-middle attack is when someone gets in the middle of a transaction between two servers and intercepts the transaction flow. This differs slightly from the hijacking attack. In the hijacking attack the man-in-the-middle actually cuts in and impersonates one the partners, but in a man-in-the-middle attack, the intervening party only eavesdrops and listens to the stream.
Incorrect Answers:
B: Denial of service is when the attack prevents legitimate users from accessing the server. Usually the server is flooded with so many messages that no one else can gain access. Of course, if you crash the server, and the server is down, that too is a denial of service because the server was made inaccessible to legitimate users.
C: A dictionary attack is the process of trying every character combination to guess a password (brute force) or using a dictionary type program to generate and try all character combinations.
D: An illicit server attack is when you have an unauthorized service or daemon running on the system that can cause harm.