GIAC Exam GPEN Topic 5 Question 64 Discussion

Actual exam question for GIAC's GPEN exam

Question #: 64
Topic #: 5

[All GPEN Questions]

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

AIt is used to slow the working of victim's network resources.

BTCP session hijacking is when a hacker takes over a TCP session between two machines.

CUse of a long random number or string as the session key reduces session hijacking.

DIt is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

Show Suggested Answer

Suggested Answer: C

by Delmy at Dec 05, 2024, 08:28 AM

Limited Time Offer

25%

Off

Get Premium GPEN Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Salena

16 days ago

Session hijacking? More like session 'high-jacking'! Am I right, folks? Hey, at least I'm keeping it light in these trying times.

upvoted 0 times

...

1 months ago

All of these answers seem relevant to session hijacking. C is a good way to mitigate the risk, but you can never be too careful.

upvoted 0 times

Ming

14 hours ago

B) TCP session hijacking is when a hacker takes over a TCP session between two machines.

upvoted 0 times

...

Lazaro

6 days ago

A) It is used to slow the working of victim's network resources.

upvoted 0 times

...

Daniel

1 months ago

I agree with you, Ira. TCP session hijacking and unauthorized access are definitely part of session hijacking.

upvoted 0 times

...

Raul

1 months ago

B and D are definitely true. Session hijacking is a real threat and can lead to some serious security issues. I'm not sure about A though, seems a bit off.

upvoted 0 times

...

Ira

1 months ago

I think B and D are true.

upvoted 0 times

...