Unlock Digital Detective Skills with the 2025 Forensics Challenge – Solve the Cyber Mysteries!

Question: 1 / 400

What type of attack did Malcolm perform by stealing an employee's credentials using packet sniffers?

Phishing

Authentication hijacking

The scenario describes an attack where an attacker, in this case, Malcolm, steals an employee's credentials using packet sniffers. This technique is fundamentally linked to authentication hijacking.

Authentication hijacking occurs when an attacker gains access to a user's session or credentials, typically through methods like packet sniffing, where sensitive data packets traveling over a network are intercepted. In this context, stealing the credentials allows Malcolm to impersonate the user and gain unauthorized access to systems or data.

The other options present different types of attacks that do not align with the method described in the scenario. Phishing typically involves tricking the user into providing their credentials voluntarily, rather than intercepting them directly. Session fixation involves exploiting a user's session identifier, which is not relevant here since the attack is about stealing credentials, not manipulating a session token. Lastly, cross-site request forgery tricks a user into performing actions without their consent, but it does not involve stealing credentials directly via packet sniffing. Thus, the most accurate characterization of Malcolm's actions is authentication hijacking.

Get further explanation with Examzify DeepDiveBeta

Session fixation

Cross-site request forgery

Next Question

Report this question

Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy