PrepAway - Latest Free Exam Questions & Answers


Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?


A. Evil twin

B. DNS poisoning

C. Vishing

D. Session hijacking

Explanation:
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) resolver’s cache, causing the name server to return an incorrect IP address, diverting traffic to the attacker’s computer (or any other computer).

A domain name system server translates a human-readable domain name (such as example.com) into a numerical IP address that is used to route communications between nodes. Normally if the server doesn’t know a requested translation it will ask another server, and the process continues recursively. To increase performance, a server will typically remember (cache) these translations for a certain amount of time, so that, if it receives another request for the same translation, it can reply without having to ask the other server again.

When a DNS server has received a false translation and caches it for performance optimization, it is considered poisoned, and it supplies the false data to clients. If a DNS server is poisoned, it may return an incorrect IP address, diverting traffic to another computer (in this case, the server hosting the web page with derogatory content).

Incorrect Answers:
A: An evil twin, in the context of network security, is a rogue or fake wireless access point (WAP) that appears as a genuine hotspot offered by a legitimate provider. In an evil twin attack, an eavesdropper or hacker fraudulently creates this rogue hotspot to collect the personal data of unsuspecting users. Sensitive data can be stolen by spying on a connection or using a phishing technique.
For example, a hacker using an evil twin exploit may be positioned near an authentic Wi-Fi access point and discover the service set identifier (SSID) and frequency. The hacker may then send a radio signal using the exact same frequency and SSID. To end users, the rogue evil twin appears as their legitimate hotspot with the same name.
In wireless transmissions, evil twins are not a new phenomenon. Historically, they were known as honeypots or base station clones. With the advancement of wireless technology and the use of wireless devices in public areas, it is very easy for novice users to set up evil twin exploits. This is not what is described in this question. Therefore, this answer is incorrect.

C: Vishing (voice or VoIP phishing) is an electronic fraud tactic in which individuals are tricked into revealing critical financial or personal information to unauthorized entities. Vishing works like phishing but does not always occur over the Internet and is carried out using voice technology. A vishing attack can be conducted by voice email, VoIP (voice over IP), or landline or cellular telephone. This is not what is described in this question. Therefore, this answer is incorrect.

D: In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session (sometimes also called a session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer. This is not what is described in this question. Therefore, this answer is incorrect.

http://en.wikipedia.org/wiki/DNS_spoofing
http://www.techopedia.com/definition/5057/evil-twin
http://searchunifiedcommunications.techtarget.com/definition/vishing
http://en.wikipedia.org/wiki/Session_hijacking

