PrepAway - Latest Free Exam Questions & Answers

which of the following?

Users at a company report that a popular news website keeps taking them to a web page with derogatory
content. This is an example of which of the following?


A. Evil twin

B. DNS poisoning

C. Vishing

D. Session hijacking

Explanation:
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a
Domain Name System (DNS) resolver’s cache, causing the name server to return an incorrect IP address,
diverting traffic to the attacker’s computer (or any other computer).
A domain name system server translates a human-readable domain name (such as example.com) into a
numerical IP address that is used to route communications between nodes. Normally if the server doesn’t
know a requested translation it will ask another server, and the process continues recursively. To increase
performance, a server will typically remember (cache) these translations for a certain amount of time, so
that, if it receives another request for the same translation, it can reply without having to ask the other
server again.
When a DNS server has received a false translation and caches it for performance optimization, it is
considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an
incorrect IP address, diverting traffic to another computer (in this case, the server hosting the web page
with derogatory content).
Incorrect Answers:
A: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that
appears as a genuine hotspot offered by a legitimate provider.
In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the
personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a
phishing technique.
For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point
and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using
the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot
with the same name. In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as
honeypots or base station clones. With the advancement of wireless technology and the use of wireless
devices in public areas, it is very easy for novice users to set up evil twin exploits. This is not what is
described in this question.
C: Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into
revealing critical financial or personal information to unauthorized entities. Vishing works like phishing
but does not always occur over the Internet and is carried out using voice technology. A vishing attack can
be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone. This is not what is
described in this question.
D: In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of
a valid computer session—sometimes also called a session key—to gain unauthorized access to
information or services in a computer system. In particular, it is used to refer to the theft of a magic
cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as
the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using
an intermediary computer or with access to the saved cookies on the victim’s computer. This is not what
is described in this question.


