New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GPEN Exam - Topic 5 Question 64 Discussion

Actual exam question for GIAC's GPEN exam
Question #: 64
Topic #: 5
[All GPEN Questions]

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

Show Suggested Answer Hide Answer
Suggested Answer: C

by Delmy at Dec 05, 2024, 08:28 AM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Yuonne
3 months ago
D is spot on, it's all about exploiting valid sessions.
upvoted 0 times
...
Raymon
3 months ago
Wait, people actually use session hijacking? That's wild!
upvoted 0 times
...
Aaron
3 months ago
A is just wrong, session hijacking isn't about slowing networks.
upvoted 0 times
...
Sherman
4 months ago
C makes sense, but A? Not so sure about that.
upvoted 0 times
...
Hyman
4 months ago
B and D are definitely true.
upvoted 0 times
...
Nada
4 months ago
D sounds accurate to me. Exploiting a valid session for unauthorized access is exactly what session hijacking is about. I think that's a solid choice.
upvoted 0 times
...
Josefa
4 months ago
C seems plausible, but I can't recall if a long random string is enough to completely prevent session hijacking. I feel like there are more factors involved.
upvoted 0 times
...
Olive
4 months ago
I think B is definitely correct. TCP session hijacking is about taking over an active session, right? That sounds familiar.
upvoted 0 times
...
Nidia
5 months ago
I remember discussing session hijacking in class, but I'm not sure if A is really true. Slowing down network resources doesn't seem like the main goal.
upvoted 0 times
...
Carin
5 months ago
I think using a long random session key, as mentioned in option C, is a good way to prevent session hijacking. I'll make sure to mark that one as true.
upvoted 0 times
...
Ty
5 months ago
Okay, I know session hijacking involves taking over an existing session, so option B sounds right. And option D seems to capture the essence of what session hijacking is.
upvoted 0 times
...
Krissy
5 months ago
Hmm, I'm a bit unsure about option A. Slowing down network resources doesn't seem like a typical goal of session hijacking. I'll need to think this through carefully.
upvoted 0 times
...
Cecilia
5 months ago
This question looks straightforward. I'll focus on understanding the key concepts of session hijacking and how to identify the true statements.
upvoted 0 times
...
Salena
10 months ago
Session hijacking? More like session 'high-jacking'! Am I right, folks? Hey, at least I'm keeping it light in these trying times.
upvoted 0 times
Julianna
9 months ago
C) Use of a long random number or string as the session key reduces session hijacking.
upvoted 0 times
...
Terina
9 months ago
B) TCP session hijacking is when a hacker takes over a TCP session between two machines.
upvoted 0 times
...
Fanny
9 months ago
A) It is used to slow the working of victim's network resources.
upvoted 0 times
...
...
Maricela
10 months ago
B and D are no-brainers, but A? Slowing down the network? That's like trying to catch a fish with a stick of dynamite. Not very subtle, is it?
upvoted 0 times
Lisbeth
9 months ago
D) It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
upvoted 0 times
...
Arlyne
9 months ago
C) Use of a long random number or string as the session key reduces session hijacking.
upvoted 0 times
...
Willard
9 months ago
B) TCP session hijacking is when a hacker takes over a TCP session between two machines.
upvoted 0 times
...
Georgiann
10 months ago
A) It is used to slow the working of victim's network resources.
upvoted 0 times
...
...
Cristal
10 months ago
Wow, this is a tricky one. I'm going to go with B, C, and D. A sounds more like a denial of service attack, not session hijacking.
upvoted 0 times
...
Dylan
11 months ago
I believe C is also true. Using a long random session key can definitely help prevent session hijacking.
upvoted 0 times
...
Vicente
11 months ago
All of these answers seem relevant to session hijacking. C is a good way to mitigate the risk, but you can never be too careful.
upvoted 0 times
Kenia
9 months ago
D) It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
upvoted 0 times
...
Kathrine
9 months ago
C) Use of a long random number or string as the session key reduces session hijacking.
upvoted 0 times
...
Ming
9 months ago
B) TCP session hijacking is when a hacker takes over a TCP session between two machines.
upvoted 0 times
...
Lazaro
10 months ago
A) It is used to slow the working of victim's network resources.
upvoted 0 times
...
...
Daniel
11 months ago
I agree with you, Ira. TCP session hijacking and unauthorized access are definitely part of session hijacking.
upvoted 0 times
...
Raul
11 months ago
B and D are definitely true. Session hijacking is a real threat and can lead to some serious security issues. I'm not sure about A though, seems a bit off.
upvoted 0 times
...
Ira
11 months ago
I think B and D are true.
upvoted 0 times
...

Save Cancel