Question 1David, a network administrator, was assigned to analyze the network for signatures of a session hijacking attack on an organization. David captured all the network traffic using packet sniffing tools and used various filters to find any repeated ARP update packets.Which of the following methods has David employed in the above scenario to detect session hijacking attacks? 1 pointIntrusion detection system Automatic method Intrusion prevention system Manual method 2.Question 2Which of the following countermeasures should be followed to defend against session hijacking? 1 pointDisable browsers to verify website authenticity Use HPKP to allow users to authenticate web servers Allow the cross-site scripts known as CSRF from the client side Enable compression mechanisms of HTTP requests

Please choose the best answer from the choices belowWhich of the following countermeasures helps security professionals protect a network from session hijacking attacks?Ensure that data in transit are encryptedPass authentication cookies over HTTP connectionsNever use IPsec to encrypt session informationUse short random numbers as session keys

Question 1In which of the following techniques does an attacker predict the sequence numbers that a victim host sends to create a connection that appears to originate from the host and then hijacks the communication? 1 pointDNS poisoning Blind hijacking IP spoofing UDP flood attack 2.Question 2In which of the following session hijacking phases does an attacker break the connection to the victim’s machine by knowing the next sequence number (NSN)? 1 pointMonitor Session desynchronization Command injection Session ID prediction

Question 5As a security analyst, you are monitoring network traffic and detect a large number of failed login attempts. Which of the following tools would help you investigate this incident? Select two answers.1 pointAn intrusion detection system (IDS)A cryptographic encoderAn antivirus softwareA network protocol analyzer (packet sniffer)

Question 1Smith, a professional hacker, initiated a network sniffing attack on the switched Ethernet environment of a target organization. He employed an automated tool to flood the switch with a fake physical address until the switch translation table became full. When the switch entered fail-open mode, it started acting as a hub by broadcasting packets. Now, Smith could easily accomplish his goal of network sniffing.Identify the type of attack performed by Smith in the above scenario. 1 pointARP spoofing DHCP starvation MAC flooding DNS poisoning 2.Question 2Which of the following tool helps an attacker perform an ARP poisoning attack? 1 pointWireshark High Orbit Ion Cannon BetterCAP Nbtstat

Which attack exploits the trust relationship between a user's computer and another system to impersonate the user and gain unauthorized access?1 pointA) ARP spoofingB) DNS poisoningC) Man-in-the-middle attackD) TCP session hijacking